Brian Kelley

Brian Kelley is an author, columnist, and Microsoft SQL Server MVP focusing primarily on SQL Server security. He is a contributing author for How to Cheat at Securing SQL Server 2005 (Syngress), Professional SQL Server 2008 Administration (Wrox), and Introduction to SQL Server (Texas Publishing). Brian currently serves as an infrastructure and security architect. He has also served as a senior Microsoft SQL Server DBA, database architect, developer, and incident response team lead.

Interests: Chess, Reading, Soccer (Football), Baseball, Animals, Theology

All authors

Determining if a Server Principal Owns Database Objects

by Brian Kelley

Databases – Infrastructure – Security

This question comes up a lot in the forums: "How do I know if the login owns any objects?" Usually...

2009-02-24

7,430 reads

Excel Malformed File Vulnerability - Remote Code Execution

by Brian Kelley

Databases – Infrastructure – Security

Today, Microsoft release a security advisory about a new vulnerability in Microsoft Excel. This one affects both PCs and Macs....

2009-02-24

1,808 reads

Detecting When a Login Has Implicit Access to a Database

by Brian Kelley

Databases – Infrastructure – Security

Yesterday I blogged about how to figure out what database principals corresponded to what server principals. The key is to...

2009-02-23

1,877 reads

New Video Appearing on Front Page of JumpStart TV

by Brian Kelley

Databases – Infrastructure – Security

All of the videos I've done are up under my profile. However, the video for The difference between GRANT, DENY...

2009-02-23

1,498 reads

Mapping Database Principals to Server Principals

by Brian Kelley

Databases – Infrastructure – Security

A question on the forum asked how to find all the database mappings for a particular login. If you're on SQL...

2009-02-22

9,845 reads

Looking Forward to Getting My Kindle 2

by Brian Kelley

Databases – Infrastructure – Security

When the Kindle 2 was first announced, I debated about whether or not to get it. Then I realized I...

2009-02-21

1,369 reads

Adobe Acrobat/Reader 0day - Disable JavaScript

by Brian Kelley

Databases – Infrastructure – Security

There is an active attack in the wild for the newly announced Adobe Acrobat and Adobe Reader vulnerability. While the...

2009-02-20

2,065 reads

You Must Trust Someone

by Brian Kelley

Databases – Infrastructure – Security

After some recent talks with security folks and auditors, one of the things I have had a hard time getting across...

2009-02-20

3,098 reads

You Must Trust Your DBAs

by Brian Kelley

Databases – Infrastructure – Security

This is a follow-on post to You Must Trust Someone. My point in that post was to establish that being...

2009-02-20

1,953 reads

Another Reason to Avoid Cross-Database Ownership Chaining

by Brian Kelley

SQLServerCentral.com

Blogs

This past weekend we were moving database files around because we added new LUNs to an existing production cluster. We went at the old tried and true way, we detached the databases, moved the files, and re-attached the databases. That seemed to work well...

★ ★ ★ ★ ★ ★ ★ ★ ★ ★

You rated this post out of 5. Change rating

2009-02-20

2,133 reads

Discuss

All authors

Brian Kelley

Determining if a Server Principal Owns Database Objects

Excel Malformed File Vulnerability - Remote Code Execution

Detecting When a Login Has Implicit Access to a Database

New Video Appearing on Front Page of JumpStart TV

Mapping Database Principals to Server Principals

Looking Forward to Getting My Kindle 2

Adobe Acrobat/Reader 0day - Disable JavaScript

You Must Trust Someone

You Must Trust Your DBAs

Another Reason to Avoid Cross-Database Ownership Chaining

Blogs

The end of an era – why I chose not to renew my MVP

PowerShell Strikes Back: A New Script

Claude Desktop

Forums

Unraveling the Mysteries of the Ephemeral Model: The Fabric Modern Data Platform

QUOTENAME Behavior

Running script without having permission to Function

Question of the Day

QUOTENAME Behavior