Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

SQL 2005 security questions

Status
Not open for further replies.
kodaksmile

kodaksmile

MIS
Jun 19, 2002
294
US
Hi All,

We are going through a government required security change for several of our systems. One of the requirements it to revoke almost all access from the public role. While I can do most of that (will probably break the system) there are several (200 or so) permissions that cannot be revoked. For example:

REVOKE SELECT ON xml_schema_wildcards from public

will return:

Cannot find the object 'xml_schema_wildcards', because it does not exist or you do not have permission.

However this item does show up on the security scan. Does anyone know if there is any documentation on the fact that some permissions cannot be revoked?

Thanks,
 
Sort by date Sort by votes
I would simply tell them that rights to system objects can not be revoked as this can prevent the system from working correctly.

Is this private sector or public sector? If private which regulations are you dealing with?

Denny
MCSA (2003) / MCDBA (SQL 2000)
MCTS (SQL 2005 / Microsoft Windows SharePoint Services 3.0: Configuration / Microsoft Office SharePoint Server 2007: Configuration)
MCITP Database Administrator (SQL 2005) / Database Developer (SQL 2005)

My Blog
 
Upvote 0 Downvote
We are dealing with DIACAP requirements - the irony is how many of them conflict.
 
Upvote 0 Downvote
Ouch, Public Sector DoD protocals.

Is there room in the Doc (I really don't see myself reading all 53 pages in the doc I found via Google) that allows for commonly known best practices? You may want to try calling Microsoft and see if they have a paper written on why they have granted the default rights which they have granted.

Denny
MCSA (2003) / MCDBA (SQL 2000)
MCTS (SQL 2005 / Microsoft Windows SharePoint Services 3.0: Configuration / Microsoft Office SharePoint Server 2007: Configuration)
MCITP Database Administrator (SQL 2005) / Database Developer (SQL 2005)

My Blog
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

grnzbra
  • Locked
  • Question
SQL Server in Windows
Replies
1
Views
234
pjw001
pjw001
CodeWell
  • Locked
  • Question
SQL Server 2017 Install Issue - Database Not in Configuration Manager
Replies
0
Views
213
CodeWell
CodeWell
dgillz
  • Locked
  • Question
SQL View not available to Excel Power Query
Replies
1
Views
170
dgillz
dgillz
bethabernathy
  • Locked
  • Question
Front End Access 365 Database dsn Connection Fails when attempting to link to 2016 SQL server
Replies
1
Views
173
dhookom
dhookom
Ikatiemarie
  • Locked
  • Question
SQL Server 2008 SP_Send_dbmail
Replies
0
Views
443
Ikatiemarie
Ikatiemarie

Part and Inventory Search

Sponsor

Back
Top