Velocity Reviews

Velocity Reviews (http://www.velocityreviews.com/forums/index.php)
-   ASP .Net (http://www.velocityreviews.com/forums/f29-asp-net.html)
-   -   What are the risks with ASPNET/Network Service having sysadmin role in SQL Server Express 2005? (http://www.velocityreviews.com/forums/t711849-what-are-the-risks-with-aspnet-network-service-having-sysadmin-role-in-sql-server-express-2005-a.html)

Bogdan Jokel 01-15-2010 05:03 PM

What are the risks with ASPNET/Network Service having sysadmin role in SQL Server Express 2005?
 
Hi,

I have a sql server express 2005 instance where BUILTIN\Users and
BUILTIN\Administrators are dropped from 'sysadmin' role. This is primarily
for non-asp.net apps (i.e. native apps).
I also have an ASP.NET app that connects to the instance to access a
database. The IIS user (ASPNET or Network Service) is currently assigned
'sysadmin' role. This is mainly to avoid granting exec permissions on
stored procedures - application specific as well as asp.net membership - to
the IIS user.
All database queries are purely stored proc based. The sql server instance
is configured for Windows Authentication only.

Is there a risk associated with the above approach?

Thanks,
Bogdan





All times are GMT. The time now is 10:56 PM.

Powered by vBulletin®. Copyright ©2000 - 2014, vBulletin Solutions, Inc.
SEO by vBSEO ©2010, Crawlability, Inc.