> What are the best practices for connecting a CFMX web app (in
> a shared hosting environment) with SQL server 2000? I know
> not to use the sa account with a null password, but how
> restrictive can/should I get with permissions?

You should be as restrictive as possible! Those are the best practices
whenever you ask a security question - always provide the least amount of
privileges necessary to get the job done.

> Right now on my development machine, I'm using an ODBC
> connection using a SQL server login called "WebApp." That
> login has access to the test database with only the "public"
> db role enabled. Will that suffice as long as this role has
> permission to execute sp's?

That will suffice, although you can probably tighten permissions by revoking
"public" access to all objects within the database, and using the
db_datareader and db_datawriter roles as appropriate.

Dave Watts, CTO, Fig Leaf Software
http://www.figleaf.com/
phone: 202-797-5496
fax: 202-797-5444
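
The tightening described in the reply above, written out as an added example that is not part of the original message. It assumes SQL Server 2000, a member of db_owner running the script, and a placeholder database name "TestDb"; "WebApp" is the login named in the question.

```sql
-- Added example, not from the original thread.
-- Assumptions: SQL Server 2000, run as a db_owner member,
-- "TestDb" is a placeholder database name, "WebApp" is the existing login.
USE TestDb
GO

-- Map the login to a database user if it is not mapped yet.
IF NOT EXISTS (SELECT * FROM sysusers WHERE name = 'WebApp')
    EXEC sp_grantdbaccess 'WebApp', 'WebApp'
GO

DECLARE @obj nvarchar(520), @xtype char(2), @sql nvarchar(600)
DECLARE @direct_table_access bit
SET @direct_table_access = 0  -- 1 only if the app sends its own SELECT/INSERT/UPDATE/DELETE

-- Walk every user-created table, view and stored procedure.
DECLARE obj_cur CURSOR LOCAL FAST_FORWARD FOR
    SELECT QUOTENAME(USER_NAME(uid)) + '.' + QUOTENAME(name), xtype
    FROM sysobjects
    WHERE xtype IN ('U', 'V', 'P')
      AND OBJECTPROPERTY(id, 'IsMSShipped') = 0

OPEN obj_cur
FETCH NEXT FROM obj_cur INTO @obj, @xtype
WHILE @@FETCH_STATUS = 0
BEGIN
    -- Remove anything granted to every database user through "public".
    SET @sql = 'REVOKE ALL ON ' + @obj + ' FROM public'
    EXEC (@sql)

    -- WebApp gets EXECUTE on procedures only. When a procedure and the
    -- tables it touches share an owner, EXECUTE is enough (ownership chain).
    IF @xtype = 'P'
    BEGIN
        SET @sql = 'GRANT EXECUTE ON ' + @obj + ' TO WebApp'
        EXEC (@sql)
    END
    FETCH NEXT FROM obj_cur INTO @obj, @xtype
END
CLOSE obj_cur
DEALLOCATE obj_cur

-- Fixed roles only when direct table access is really needed.
IF @direct_table_access = 1
BEGIN
    EXEC sp_addrolemember 'db_datareader', 'WebApp'
    EXEC sp_addrolemember 'db_datawriter', 'WebApp'
END
GO

-- Review what WebApp ended up with.
EXEC sp_helprotect @username = 'WebApp'
GO
```

Objects created after the script runs are not covered, so rerun it (or grant EXECUTE by hand) when new procedures are deployed.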