EdVassie (7/19/2010)
With the introduction of database ownership chains this is no longer a safe thing to do. A user with database owner rights in a user database that is owned by sa will get elevated privileges in the master database that could allow them to hack your system.My understanding of current best practice is to set the db owner of all user databases to a named account that has low privileges. The account can even be set to disabled in SQL Server, to prevent anyone using it.
If you have some user databases in an ownership chain, then these databases should have an owner account that is different to all databases not in that chain.
In order for the dbo in the user database to gain access to the master database wouldn't chain ownership have to be enabled?
I can understand why that would be a problem but, assuming it is DISABLED, what are the risks involved with having SA set to database owner on user databases?
From what I understand, they would only be able to access referenced views and tables on their own user database through chained ownership. This is redundant as they already have db_owner role and access to all objects on this database.