high risk stystem stored procedures

  • maroon-78

    Ten Centuries

    Points: 1014

    has anyone compilede a list of high risk system stored procedures in SS 2008 R2? like xp_cmdshell, that access the server and need to have access controlled? I have a partial list from SS 2005 that I need to update.

    Thanks.

  • Orlando Colamatteo

    SSC Guru

    Points: 182269

    The list will be pretty much the same. As far as I can tell Microsoft is getting out of the business of producing new Extended Stored Procedures (XSPs) and moving towards using the SQLCLR.

    What is on your list?

    __________________________________________________________________________________________________
    There are no special teachers of virtue, because virtue is taught by the whole community. --Plato

  • maroon-78

    Ten Centuries

    Points: 1014

    the 2005 stored procs that modify system config values, and go out to AD or the server registry and disk subsystem. Basically the ones that can reach outside the database. We disable public access to them and create user roles for the ones that we use and grant rights to the roles to our users and developers.

Viewing 3 posts - 1 through 3 (of 3 total)

You must be logged in to reply to this topic. Login to reply