high risk stystem stored procedures

  • has anyone compilede a list of high risk system stored procedures in SS 2008 R2? like xp_cmdshell, that access the server and need to have access controlled? I have a partial list from SS 2005 that I need to update.

    Thanks.

  • The list will be pretty much the same. As far as I can tell Microsoft is getting out of the business of producing new Extended Stored Procedures (XSPs) and moving towards using the SQLCLR.

    What is on your list?

    There are no special teachers of virtue, because virtue is taught by the whole community.
    --Plato

  • the 2005 stored procs that modify system config values, and go out to AD or the server registry and disk subsystem. Basically the ones that can reach outside the database. We disable public access to them and create user roles for the ones that we use and grant rights to the roles to our users and developers.

Viewing 3 posts - 1 through 2 (of 2 total)

You must be logged in to reply to this topic. Login to reply