Posted by Erland Sommarskog on 07/30/05 01:12

byrocat (bdealhoy@sympatico.ca) writes:
> I'm chasing after a documetn that was available on one of the Microsoft
> websites that was titled somethign like "MS SQL Server Best Practices"
> and detailed a nyumber of best practices about securing the server.
>
> Included in this was revoking public access to the system table
> objects.

I would not do this. At least not without extensive testing first.

The fact that all metadata is open to anyone is not entirely
satisfyable, but the opposite is not good either.

In SQL 2005 things are different. Here you can only see metadata
for objects that you have access to. Unfortunately, this important
distinction is not possible to make in SQL 2000.


--
Erland Sommarskog, SQL Server MVP, esquel@sommarskog.se

Books Online for SQL Server SP3 at
http://www.microsoft.com/sql/techinfo/productdoc/2000/books.asp

• Next in forum: Re: My design - where did I go wrong?
• Prev in forum: Re: n00b question: Connecting to SQL Server at ISP?
• Thread view: Re: MIcrosft SQLServer Best Practices document on securing SQLServer

[Reply to this message]