sql account with connect sql can shutdown sql server
-
Perry Whittle (11/4/2010)
K. Brian Kelley (11/4/2010)
Likely that user is a member of a group that is either a member of the Administrators or Power Users group on the system where SQL Server is deployed.Which is why I said check the local administrators group, people rarely use power users in my experience. Ignorance leads them to dump users into the administrators group instead!!
Yeah, but it's only a couple of extra clicks and if I was an attacker, I would use what you just said to do exactly that.
K. Brian Kelley
@kbriankelley -
K. Brian Kelley (11/4/2010)
Yeah, but it's only a couple of extra clicks and if I was an attacker, I would use what you just said to do exactly that.Sorry, you lost me here!
What's only a couple of clicks, what would you use to do exactly what?
-----------------------------------------------------------------------------------------------------------
"Ya can't make an omelette without breaking just a few eggs"
-
Most folks I know who are checking membership in the Administrators group on a server do so using Computer Management (compmgmt.msc or Start >> Control Panel >> Administrative Tools >> Computer Management). So if you're using that interface, it's only a couple of clicks to bring up the membership of Power Users since you're already at the group interface.
K. Brian Kelley
@kbriankelley
Viewing 3 posts - 16 through 18 (of 18 total)
You must be logged in to reply to this topic. Login to reply