Click here to monitor SSC
SQLServerCentral is supported by Red Gate Software Ltd.
 
Log in  ::  Register  ::  Not logged in
 
 
 
        
Home       Members    Calendar    Who's On


Add to briefcase ««12

Let's Talk Ownership (and SQL Jobs) Expand / Collapse
Author
Message
Posted Tuesday, November 24, 2009 3:05 AM


SSC-Enthusiastic

SSC-EnthusiasticSSC-EnthusiasticSSC-EnthusiasticSSC-EnthusiasticSSC-EnthusiasticSSC-EnthusiasticSSC-EnthusiasticSSC-Enthusiastic

Group: General Forum Members
Last Login: Thursday, May 22, 2014 8:32 AM
Points: 163, Visits: 428
Yeah. I'd be really worried about the security implications of this.

I thought it was a great article highlighting the problems that can arise from personally owned jobs.
Between it and the comments made I now have all the building blocks to write a job ownership transfer that can be run at point of departure of one user to transfer job ownership to the replacement.


_______________________________________________________
Change is inevitable... Except from a vending machine.
Post #823740
Posted Saturday, January 23, 2010 12:59 PM


SSCertifiable

SSCertifiableSSCertifiableSSCertifiableSSCertifiableSSCertifiableSSCertifiableSSCertifiableSSCertifiableSSCertifiable

Group: General Forum Members
Last Login: 2 days ago @ 4:21 PM
Points: 7,928, Visits: 9,653
Rob Fisk (11/24/2009)
Yeah. I'd be really worried about the security implications of this.

I thought it was a great article highlighting the problems that can arise from personally owned jobs.


Pity it didn't highlight the problems that can arise from SA owned jobs as well. I really don't fancy having everything running with sysadmin privileges, whether it needs them or not.

In fact I'm fairly tempted to say that no jobs at all should be owned by SA because (although you may want interdomain connections without having interdomain trust at NT level so that you have to have SQL logins as well as NT logins) there's no good reason why SA should ever be be able to login (it's easy to have a job that creates a random SA password and doesn't put it where any human can get it).


Tom
Post #852599
« Prev Topic | Next Topic »

Add to briefcase ««12

Permissions Expand / Collapse