Click here to monitor SSC
SQLServerCentral is supported by Red Gate Software Ltd.
 
Log in  ::  Register  ::  Not logged in
 
 
 
        
Home       Members    Calendar    Who's On


Add to briefcase

high risk stystem stored procedures Expand / Collapse
Author
Message
Posted Monday, January 21, 2013 2:18 PM
SSC-Enthusiastic

SSC-EnthusiasticSSC-EnthusiasticSSC-EnthusiasticSSC-EnthusiasticSSC-EnthusiasticSSC-EnthusiasticSSC-EnthusiasticSSC-Enthusiastic

Group: General Forum Members
Last Login: Friday, August 23, 2013 1:01 PM
Points: 123, Visits: 293
has anyone compilede a list of high risk system stored procedures in SS 2008 R2? like xp_cmdshell, that access the server and need to have access controlled? I have a partial list from SS 2005 that I need to update.
Thanks.
Post #1409712
Posted Monday, January 21, 2013 3:07 PM


SSCertifiable

SSCertifiableSSCertifiableSSCertifiableSSCertifiableSSCertifiableSSCertifiableSSCertifiableSSCertifiableSSCertifiable

Group: General Forum Members
Last Login: Yesterday @ 7:44 PM
Points: 7,107, Visits: 12,661
The list will be pretty much the same. As far as I can tell Microsoft is getting out of the business of producing new Extended Stored Procedures (XSPs) and moving towards using the SQLCLR.

What is on your list?


__________________________________________________________________________________________________
There are no special teachers of virtue, because virtue is taught by the whole community. --Plato
Post #1409725
Posted Tuesday, January 22, 2013 8:14 AM
SSC-Enthusiastic

SSC-EnthusiasticSSC-EnthusiasticSSC-EnthusiasticSSC-EnthusiasticSSC-EnthusiasticSSC-EnthusiasticSSC-EnthusiasticSSC-Enthusiastic

Group: General Forum Members
Last Login: Friday, August 23, 2013 1:01 PM
Points: 123, Visits: 293
the 2005 stored procs that modify system config values, and go out to AD or the server registry and disk subsystem. Basically the ones that can reach outside the database. We disable public access to them and create user roles for the ones that we use and grant rights to the roles to our users and developers.
Post #1410061
« Prev Topic | Next Topic »

Add to briefcase

Permissions Expand / Collapse