Database ownership and TRUSTWORTHY

  • Comments posted to this topic are about the item Database ownership and TRUSTWORTHY

  • this article is a rare example for what i expect of a well-written article.

    exposure at the beginning, conclusion, references, some reasonable reasoning in the main part.

    congratulations.

  • h.tobisch (1/29/2015)


    this article is a rare example for what i expect of a well-written article.

    exposure at the beginning, conclusion, references, some reasonable reasoning in the main part.

    congratulations.

    Thanks!, Since this is my first one, I didn't want to miss any of those points. Experts are watching all your moves ...:w00t:

  • I agree. Very well done.



    Colleen M. Morrow
    Cleveland DBA

  • I concur. Nice job! Thank you for this.

  • Thanks for taking the time to write this up. Excellent job, and very timely!

  • This is important information I did not know. Thanks.

  • Thanks for the information.

    But that raises a question for me.

    If we are not to use the TRUSTWORTHY with SA access what about the MSDB? Since Microsoft has set the MSDB to TRUSTWORTY and ownership is 'SA' does that pose similar security risks? Should one change ownership of MSDB to a non-privilaged account? I am confused since Microsoft says not to alter the ownership of system databases?

  • Ken Grissom-138180 (3/4/2015)


    Thanks for the information.

    But that raises a question for me.

    If we are not to use the TRUSTWORTHY with SA access what about the MSDB? Since Microsoft has set the MSDB to TRUSTWORTY and ownership is 'SA' does that pose similar security risks? Should one change ownership of MSDB to a non-privilaged account? I am confused since Microsoft says not to alter the ownership of system databases?

    Generally speaking you should not change any settings on system databases (not speaking of tempdb or model though), but bear in mind that privilege escalation is a combination of factors. Which are

    - Database ownership with high privileges

    - TRUSTWORTHY ON

    - And what is also required is to have database users members of the db_owner database group which can impersonate [dbo]

    Without any of those, escalation is not possible (by using impersonation)

    So as long as you don't have any user in the db_owner (and I don't see a reason why you should in msdb database), you're absolutely fine.

    Hope that clears things for you

    Cheers

  • A client application I work with uses TRUSTWORTHY on the backend db and I wasn't convinced they needed it (it's a bad application) but your article has given me a better understanding.

    Thanks

    qh

    [font="Tahoma"]Who looks outside, dreams; who looks inside, awakes. – Carl Jung.[/font]

Viewing 10 posts - 1 through 10 (of 10 total)

You must be logged in to reply to this topic. Login to reply