April 29, 2008 at 2:41 pm
The database master key is used to encrypt other keys in the DB. It's not there to stop the DB being attached/restored onto another server.
Currently, the way to ensure that no unauthorised person can read the DB is to secure the server and ensure that no unauthorised people have access to the server.
Transparent database encryption may help (SQL Server 2008) but that works by preventing the DB from being attached/restored to any instance that doesn't have the appropriate certificate installed. From what I read, you'd have to distribute the certificate to allow the express edition to attach the DB, meaning anyone who downloads the DB can get the certificate from the installation package, unless there's some form of encryption you can put on the files in the installation package.
Oh, and btw, even with builtin/admins removed, there is a way for a local administrator on the server to get sysadmin access to SQL server.
Gail Shaw
Microsoft Certified Master: SQL Server, MVP, M.Sc (Comp Sci)
SQL In The Wild: Discussions on DB performance with occasional diversions into recoverability
April 29, 2008 at 10:29 pm
Thank you
>Oh, and btw, even with builtin/admins removed, there is a way for a local administrator on the server to get sysadmin access to SQL server.
April 29, 2008 at 10:30 pm
Sorry hit the wrong key!
>Oh, and btw, even with builtin/admins removed, there is a way for a local administrator on the server to get sysadmin access to SQL server.
Is this even if they do not know the sa pwd?
Ta
May 1, 2008 at 9:02 pm
Yes. If SQL Server is started in single user mode, any account with local administrator rights can connect/login to SQL Server and they will have sysadmin rights.
MARCUS. Why dost thou laugh? It fits not with this hour.
TITUS. Why, I have not another tear to shed;
--Titus Andronicus, William Shakespeare
May 2, 2008 at 9:27 am
gcmcmahon (4/29/2008)
Is this even if they do not know the sa pwd?
Yes, and it works even if the server's in windows authentication only mode.
It's so that an admin cannot accidentally lock himself out of his own server (by dropping the last sysadmin login)
Gail Shaw
Microsoft Certified Master: SQL Server, MVP, M.Sc (Comp Sci)
SQL In The Wild: Discussions on DB performance with occasional diversions into recoverability
Viewing 5 posts - 1 through 6 (of 6 total)
You must be logged in to reply to this topic. Login to reply