Hi,
I understand I should not use the sa account to connect to SQL Server from a
web application that both reads and writes data to SQL Server 2000. Could
someone give an idea how I need to handle this? Thanks.
SamThe sa account has God authority. Consequently, you should use it only for
administration. You can create another login for your web app that has only
the necessary privileges - and no more. Grant it EXEC privileges on the
appropriate stored procs. That's way better than using sa.
Tom
---
Thomas A. Moreau, BSc, PhD, MCSE, MCDBA
SQL Server MVP
Columnist, SQL Server Professional
Toronto, ON Canada
www.pinnaclepublishing.com
"Sam" <sam@.globalwebcentral.com> wrote in message
news:eIBp6d2wEHA.3668@.tk2msftngp13.phx.gbl...
Hi,
I understand I should not use the sa account to connect to SQL Server from a
web application that both reads and writes data to SQL Server 2000. Could
someone give an idea how I need to handle this? Thanks.
Sam
Showing posts with label aweb. Show all posts
Showing posts with label aweb. Show all posts
Monday, March 12, 2012
Need advice on SQL Server Security
Hi,
I understand I should not use the sa account to connect to SQL Server from a
web application that both reads and writes data to SQL Server 2000. Could
someone give an idea how I need to handle this? Thanks.
Sam
The sa account has God authority. Consequently, you should use it only for
administration. You can create another login for your web app that has only
the necessary privileges - and no more. Grant it EXEC privileges on the
appropriate stored procs. That's way better than using sa.
Tom
Thomas A. Moreau, BSc, PhD, MCSE, MCDBA
SQL Server MVP
Columnist, SQL Server Professional
Toronto, ON Canada
www.pinnaclepublishing.com
"Sam" <sam@.globalwebcentral.com> wrote in message
news:eIBp6d2wEHA.3668@.tk2msftngp13.phx.gbl...
Hi,
I understand I should not use the sa account to connect to SQL Server from a
web application that both reads and writes data to SQL Server 2000. Could
someone give an idea how I need to handle this? Thanks.
Sam
I understand I should not use the sa account to connect to SQL Server from a
web application that both reads and writes data to SQL Server 2000. Could
someone give an idea how I need to handle this? Thanks.
Sam
The sa account has God authority. Consequently, you should use it only for
administration. You can create another login for your web app that has only
the necessary privileges - and no more. Grant it EXEC privileges on the
appropriate stored procs. That's way better than using sa.
Tom
Thomas A. Moreau, BSc, PhD, MCSE, MCDBA
SQL Server MVP
Columnist, SQL Server Professional
Toronto, ON Canada
www.pinnaclepublishing.com
"Sam" <sam@.globalwebcentral.com> wrote in message
news:eIBp6d2wEHA.3668@.tk2msftngp13.phx.gbl...
Hi,
I understand I should not use the sa account to connect to SQL Server from a
web application that both reads and writes data to SQL Server 2000. Could
someone give an idea how I need to handle this? Thanks.
Sam
Subscribe to:
Posts (Atom)