• Last year Nov, our company had a review with Microsoft on SQLRAP results. They highlighted SQL Service account granted "perform volume maintenance tasks" as a risk. I just close my ear and as they blah blah blah about the us impose such strict securities but leaving this security hole. I tried to explain the merit of instant file initialization, but they argued we should've performed more testing, etc. I told them our databases are very large up to 1TB, what'll happen if we need to restore this somewhere, they replied you test it out first and then decide if you really need this functionality.

    They might be true but I still reckons the merit outweights the risk.

    Wonder if M$ has recommended the same for someone's SQLRAP and someone has actually taken the time to validate M$ claims. I know so many expert recommends granting SQL privs to instant file initialisation, is it really a big security risk as M$ claim?

    Simon

    Simon Liew
    Microsoft Certified Master: SQL Server 2008