<< MS PROJECT gbui://mainpage.htm/ Fixed | Home | Who designed MSDB ?? >>

Why GUEST ACCOUNT SQL Server

It has been long time that I am back on my Blog... But trust me I missed it more than it might have missed me..

Okay here is a kwel  finding.. For those who are confused about Guest account in SQL server Databases..

Well we need GUEST account in Master and TEMPDB  ...  because when when we create login that person should get authenticated at least w.r.t Public Profile..  then onwards  suppose if he/she hasnt been added to any Database then he will keep on looking at Master DB from Public profile with no rights or rights conferred on Guest  Account.

IS IT A SECURITY THREAT? Partially  yes .. I feel so thats why I deny permission on all SYS OBJECT in these two Databases for Guest Account..  but it is mandatory to keep Guest account we cant remove it...

I wish Microsoft comes out with some other model and GUest account is taken off  because it effects DBAs thought process more than it effects my SQL Server 

 

 

Print | posted @ Thursday, May 24, 2007 8:36 PM

Comments on this entry:

Gravatar # re: Why GUEST ACCOUNT SQL Server
by Vinod Kumar at 5/24/2007 6:57 PM
Try to disable the GUEST account. That way we are better off ...
Gravatar # re: Why GUEST ACCOUNT SQL Server
by VeerJi wangoo at 5/24/2007 7:06 PM
Even in the 10 step to secure SQL it is not mentioned anywhere except Excessive rights...

https://www.microsoft.com/sql/prodinfo/previousversions/securingsqlserver.mspx

Only place which mentions about the Guest Accounts on Windows and Guest account on Master/tempDb is

http://www.sans.org/top20/2002/mssql_checklist.pdf

Looks better

Your comment:

Title:
Name:
Email:
Website:
 
Italic Underline Blockquote Hyperlink
 
 
Please add 3 and 8 and type the answer here: