chewychewy (10/12/2012)
Hi,By default installation, SQLServer2005MSSQLuser$<INSTANCENAME>$MSSQLSERVER is having the below access to SQL Server Data folder.
Full Control
Modify
Read and Execute
List Folder Contents
Read
Write
Auditor highlight that this is a security concern and want us to revoke full control, modify, read and execute and write permission for SQLServer2005MSSQLuser$<INSTANCENAME>$MSSQLSERVER from the data folder.
Any idea what is the security risk from security standpoint?
Anyone here revoke it before? Any impact on doing it? thanks
This is a default local group created by the SQL Server installer, if you look in local user and group management you'll see a whole bunch of local groups created. Do not revoke permissions for this group!
-----------------------------------------------------------------------------------------------------------
"Ya can't make an omelette without breaking just a few eggs" 😉