Click here to monitor SSC
SQLServerCentral is supported by Red Gate Software Ltd.
 
Log in  ::  Register  ::  Not logged in
 
 
 
        
Home       Members    Calendar    Who's On


Add to briefcase

high risk stystem stored procedures Expand / Collapse
Author
Message
Posted Monday, January 21, 2013 2:18 PM
SSC-Enthusiastic

SSC-EnthusiasticSSC-EnthusiasticSSC-EnthusiasticSSC-EnthusiasticSSC-EnthusiasticSSC-EnthusiasticSSC-EnthusiasticSSC-Enthusiastic

Group: General Forum Members
Last Login: Friday, August 23, 2013 1:01 PM
Points: 123, Visits: 293
has anyone compilede a list of high risk system stored procedures in SS 2008 R2? like xp_cmdshell, that access the server and need to have access controlled? I have a partial list from SS 2005 that I need to update.
Thanks.
Post #1409712
Posted Monday, January 21, 2013 3:07 PM


SSCertifiable

SSCertifiableSSCertifiableSSCertifiableSSCertifiableSSCertifiableSSCertifiableSSCertifiableSSCertifiableSSCertifiable

Group: General Forum Members
Last Login: Wednesday, April 16, 2014 9:25 AM
Points: 7,070, Visits: 12,523
The list will be pretty much the same. As far as I can tell Microsoft is getting out of the business of producing new Extended Stored Procedures (XSPs) and moving towards using the SQLCLR.

What is on your list?


__________________________________________________________________________________________________
There are no special teachers of virtue, because virtue is taught by the whole community. --Plato

Believe you can and you're halfway there. --Theodore Roosevelt

Everything Should Be Made as Simple as Possible, But Not Simpler --Albert Einstein

The significant problems we face cannot be solved at the same level of thinking we were at when we created them. --Albert Einstein

1 apple is not exactly 1/8 of 8 apples. Because there are no absolutely identical apples. --Giordy
Post #1409725
Posted Tuesday, January 22, 2013 8:14 AM
SSC-Enthusiastic

SSC-EnthusiasticSSC-EnthusiasticSSC-EnthusiasticSSC-EnthusiasticSSC-EnthusiasticSSC-EnthusiasticSSC-EnthusiasticSSC-Enthusiastic

Group: General Forum Members
Last Login: Friday, August 23, 2013 1:01 PM
Points: 123, Visits: 293
the 2005 stored procs that modify system config values, and go out to AD or the server registry and disk subsystem. Basically the ones that can reach outside the database. We disable public access to them and create user roles for the ones that we use and grant rights to the roles to our users and developers.
Post #1410061
« Prev Topic | Next Topic »

Add to briefcase

Permissions Expand / Collapse