Home Forums SQL Server 2005 Administering data folder permission RE: data folder permission

  • October 15, 2012 at 2:42 am

    #1549020

    chewychewy (10/12/2012)

    Hi,

    By default installation, SQLServer2005MSSQLuser$<INSTANCENAME>$MSSQLSERVER is having the below access to SQL Server Data folder.

    Full Control

    Modify

    Read and Execute

    List Folder Contents

    Read

    Write

    Auditor highlight that this is a security concern and want us to revoke full control, modify, read and execute and write permission for SQLServer2005MSSQLuser$<INSTANCENAME>$MSSQLSERVER from the data folder.

    Any idea what is the security risk from security standpoint?

    Anyone here revoke it before? Any impact on doing it? thanks

    This is a default local group created by the SQL Server installer, if you look in local user and group management you'll see a whole bunch of local groups created. Do not revoke permissions for this group!

    -----------------------------------------------------------------------------------------------------------

    "Ya can't make an omelette without breaking just a few eggs" 😉