Re: How to protect a database from DBAs invasion ????????


The reason why you can still attach is probably due to the fact that you
are an administrator on the machine. By default, BUILTIN\Administrators
has sysadmin rights to the SQL Server. You can delete the
BUILTIN\Administrators login. Although, this will make SQL Server Agent
fail unless you either add the NT account running that service to the
sysadmin role or edit SQL Agent properties to use SQL authentication. Note
that anyone with access to the mdf and ldf files could still copy those
files off the server and just do an sp_attach to any SQL Server they want
and be able to access a copy of the data. A lot of personnel applications
that I have worked with encrypt important data (such as salaries, social
security numbers, etc) before it is written to the database. This ensures
that the only way to read the data is through the application.
Thanks,
Lisa Greetham
Database Administrator, Corporate Internet Group
Bank One
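
The login change described in the reply above, as an added example that is not part of the original message. It is a T-SQL sketch for SQL Server 2000 that adds the Agent service account to sysadmin before removing BUILTIN\Administrators, so the instance is never left without a working Windows sysadmin login. `CORP\sqlagent_svc` is a hypothetical placeholder for the NT account running the SQL Server Agent service.

```sql
-- Added example for SQL Server 2000 (not from the original thread).
-- CORP\sqlagent_svc is a hypothetical placeholder: substitute the NT
-- account that actually runs the SQL Server Agent service.
USE master
GO

-- 1. Review who holds sysadmin before changing anything.
SELECT loginname, isntname, isntgroup
FROM master.dbo.syslogins
WHERE sysadmin = 1
GO

-- 2. Give the Agent service account its own login and sysadmin membership
--    first, so the Agent keeps working once the group login is removed.
IF NOT EXISTS (SELECT * FROM master.dbo.syslogins
               WHERE loginname = N'CORP\sqlagent_svc')
    EXEC sp_grantlogin N'CORP\sqlagent_svc'
EXEC sp_addsrvrolemember N'CORP\sqlagent_svc', N'sysadmin'
GO

-- 3. Remove the group login only if another Windows login still holds
--    sysadmin; otherwise stop and leave it in place (avoids a lockout
--    if step 2 failed).
IF EXISTS (SELECT * FROM master.dbo.syslogins
           WHERE sysadmin = 1
             AND isntname = 1
             AND loginname <> N'BUILTIN\Administrators')
    EXEC sp_revokelogin N'BUILTIN\Administrators'
ELSE
    RAISERROR('No other Windows sysadmin login found; BUILTIN\Administrators left in place.', 16, 1)
GO

-- 4. Confirm the resulting sysadmin membership.
SELECT loginname, isntname, isntgroup
FROM master.dbo.syslogins
WHERE sysadmin = 1
GO
```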




Bajal Mohamed <[Email Address Removed] 03:08 AM

To
"LazyDBA.com Discussion" <[Email Address Removed] to protect a database from DBAs invasion ????????






Hi Pals,

I have designed a database for "Personnel System" and it
is ready for use. Now my boss says that only one
person should have full rights on this database. He
doesn't want even myself (as I am a DBA here) to have
access to this database.

Here we have only one server (Win 2k with SQL 2k).

For this purpose, I have installed a new instance and
named it "Personnel System"; this instance's "sa"
password is given to my boss. I mean he is the only
person who can access this database now.

But I found that I can still attach this "Personnel
System" database to another instance of SQL Server and
open the database fully & modify it. By doing this I
realized that our "Personnel System" database is not
well protected from intruders.

Is there any way to secure a database (from the DBA,
though it was designed by him)?

The main purpose is that my boss doesn't want to give me
access to this database (I am the one SQL Server DBA
here).

Thanks in advance for your ideas & suggestions.


=====

Best Regards,
Bajal Mohamed.

YOUR ATTITUDE IS YOUR ALTITUDE



