[dba-SQLServer] Preventing System Admins From Accessing Database
Gustav Brock
gustav at cactus.dk
Sat May 4 06:44:11 CDT 2024
Hi David
Oh, I see.
That's not my expertise but one step could be to let your application write the stored procedures as needed and delete them when done.
But maybe you are facing the impossible:
https://stackoverflow.com/questions/9368367/how-to-protect-sql-server-stored-procedures
/gustav
________________________________
Fra: David Emerson <newsgrps at dalyn.co.nz>
Sendt: 4. maj 2024 13:08
Til: 'Discussion concerning MS SQL Server' <dba-sqlserver at databaseadvisors.com>
Cc: Gustav Brock <gustav at cactus.dk>
Emne: RE: [dba-SQLServer] Preventing System Admins From Accessing Database
Thanks Gustav,
We are more concerned with companies trying to copy/sell our software to
others.
Regards
David
-----Original Message-----
From: dba-SQLServer
<dba-sqlserver-bounces+newsgrps=dalyn.co.nz at databaseadvisors.com> On Behalf
Of Gustav Brock via dba-SQLServer
Sent: Saturday, May 4, 2024 5:06 PM
To: Discussion concerning MS SQL Server <dba-SQLServer at databaseadvisors.com>
Cc: Gustav Brock <gustav at cactus.dk>
Subject: Re: [dba-SQLServer] Preventing System Admins From Accessing
Database
Hi David
The obvious and simple method is to ask them to not do that.
Network and db admins are typically so busy that they for sure don't look
for more work, and knowing that your database is your responsibility removes
a potential new task, and they can set a check mark: Maintained by supplier.
That said, I would arrange for a separate instance. That will make
installation, backup, and recovery, and future updating straight-forward.
/gustav
________________________________
Fra: dba-SQLServer
<dba-sqlserver-bounces+gustav=cactus.dk at databaseadvisors.com> på vegne af
David Emerson <newsgrps at dalyn.co.nz>
Sendt: 4. maj 2024 03:02
Til: AccessDSQL <dba-SQLServer at databaseadvisors.com>
Emne: [dba-SQLServer] Preventing System Admins From Accessing Database
Hi Listers,
I have an SQL database which will be installed on a client's server.
Is there a simple way to prevent the client's server system administrators
from accessing the database (specifically changing security settings or
accessing the stored procedures and functions) but still allow me to have
full control over the database?
I am looking at pointers at this stage for me to investigate (eg if I
install a separate instance of SQL Server just for this application can I
have control over the security?)
Regards
David Emerson
Dalyn Software Ltd
Adelaide, Australia
More information about the dba-SQLServer
mailing list