B
Bogdan Jokel
Hi,
I have a sql server express 2005 instance where BUILTIN\Users and
BUILTIN\Administrators are dropped from 'sysadmin' role. This is primarily
for non-asp.net apps (i.e. native apps).
I also have an ASP.NET app that connects to the instance to access a
database. The IIS user (ASPNET or Network Service) is currently assigned
'sysadmin' role. This is mainly to avoid granting exec permissions on
stored procedures - application specific as well as asp.net membership - to
the IIS user.
All database queries are purely stored proc based. The sql server instance
is configured for Windows Authentication only.
Is there a risk associated with the above approach?
Thanks,
Bogdan
I have a sql server express 2005 instance where BUILTIN\Users and
BUILTIN\Administrators are dropped from 'sysadmin' role. This is primarily
for non-asp.net apps (i.e. native apps).
I also have an ASP.NET app that connects to the instance to access a
database. The IIS user (ASPNET or Network Service) is currently assigned
'sysadmin' role. This is mainly to avoid granting exec permissions on
stored procedures - application specific as well as asp.net membership - to
the IIS user.
All database queries are purely stored proc based. The sql server instance
is configured for Windows Authentication only.
Is there a risk associated with the above approach?
Thanks,
Bogdan