Database ownership and TRUSTWORTHY

  • SQLDoubleG

    Hall of Fame

    Points: 3090

    Comments posted to this topic are about the item Database ownership and TRUSTWORTHY

  • h.tobisch

    SSCommitted

    Points: 1671

    This article is a rare example of what I expect of a well-written article.

    Exposure at the beginning, conclusion, references, some reasonable reasoning in the main part.

    Congratulations.

  • SQLDoubleG

    Hall of Fame

    Points: 3090

    h.tobisch (1/29/2015)


    This article is a rare example of what I expect of a well-written article.

    Exposure at the beginning, conclusion, references, some reasonable reasoning in the main part.

    Congratulations.

    Thanks! Since this is my first one, I didn't want to miss any of those points. Experts are watching all your moves...

  • Colleen M. Morrow

    SSCrazy

    Points: 2457

    I agree. Very well done.



    Colleen M. Morrow
    Cleveland DBA

  • Mike Good

    SSCertifiable

    Points: 7388

    I concur. Nice job! Thank you for this.

  • C64DBA

    SSC Veteran

    Points: 249

    Thanks for taking the time to write this up. Excellent job, and very timely!

  • Garry.McGibbon

    SSC Journeyman

    Points: 87

    This is important information I did not know. Thanks.

  • Ken Grissom-138180

    Mr or Mrs. 500

    Points: 529

    Thanks for the information.

    But that raises a question for me.

    If we are not to use the TRUSTWORTHY with SA access, what about the MSDB? Since Microsoft has set the MSDB to TRUSTWORTHY and ownership is 'SA', does that pose similar security risks? Should one change ownership of MSDB to a non-privileged account? I am confused since Microsoft says not to alter the ownership of system databases?

  • SQLDoubleG

    Hall of Fame

    Points: 3090

    Ken Grissom-138180 (3/4/2015)


    Thanks for the information.

    But that raises a question for me.

    If we are not to use the TRUSTWORTHY with SA access, what about the MSDB? Since Microsoft has set the MSDB to TRUSTWORTHY and ownership is 'SA', does that pose similar security risks? Should one change ownership of MSDB to a non-privileged account? I am confused since Microsoft says not to alter the ownership of system databases?

    Generally speaking, you should not change any settings on system databases (not speaking of tempdb or model though), but bear in mind that privilege escalation is a combination of factors, which are:

    - Database ownership with high privileges

    - TRUSTWORTHY ON

    - And what is also required is to have database users who are members of the db_owner database group, which can impersonate [dbo]

    Without any of those, escalation is not possible (by using impersonation).

    So as long as you don't have any user in the db_owner (and I don't see a reason why you should in msdb database), you're absolutely fine.

    Hope that clears things for you

    Cheers

  • quackhandle1975

    SSChampion

    Points: 11055

    A client application I work with uses TRUSTWORTHY on the backend db and I wasn't convinced they needed it (it's a bad application) but your article has given me a better understanding.

    Thanks

    qh

    Who looks outside, dreams; who looks inside, awakes. – Carl Jung.
