Please start any new threads on our new
site at https://forums.sqlteam.com. We've got lots of great SQL Server
experts to answer whatever question you can come up with.
| Author |
Topic |
|
omidshf
Starting Member
5 Posts |
 Posted - 2010-01-12 : 08:47:25
|
| Hi friendsI use SQL SERVER 2000. there is a problem with security.I install my Application( that uses SQL SERVER 2000 database) but user can stop the server service and copy my database files to another system and attach to another SQL SERVER 2000 that knows its userid and password and can open database and see my design.How can is solve this problem and prevent this unauthorized access to my database.thanks a lot |
|
|
jackv
Master Smack Fu Yak Hacker
2179 Posts |
Posted - 2010-01-12 : 09:42:46
|
| It sounds like the user has elevated rights.1)Could you post there existing rights?2)What authentication mode are you using?3)Do they have OS rights , for example can they RDP or log on to the OS itself. 4)How are they connecting to the SQL Server? I sit through an app \ dsn or is it it a dsn-less connection?The main thing to think about is revoking their access completely - and then only granting the relevant permissionsJack Vamvas--------------------http://www.ITjobfeed.com |
 |
|
|
omidshf
Starting Member
5 Posts |
Posted - 2010-01-13 : 00:41:24
|
| Hi dear JackMy application is not a big application. it works on Windows XP on a single computer and there is not necessary rights to stop SQL Server service. you can click on the tray icon and stop it and then you can copy the database files to another system.authentication mode is sql server mode.there is not any network and i cant revoke their access.is there any solution to revoke their ability to attach my database to another SQL server? for example by writing a stored procedure and invoking it when a person whants to attach it and check some system information such as registery information or a hardware lock?thanks a lot |
|
|
|
jackv
Master Smack Fu Yak Hacker
2179 Posts |
Posted - 2010-01-13 : 03:59:22
|
| For the first problem - i.e stopping SQL service account and copying MDF\LDF files - you need to ensure that the users are logged onto the computer with rights that do not allow them to stop the service - you can control this via the Windows permissionsYou cannot escape for the situation where the computer admin will have some access to the files. If you are in a situation where you cannot change the user rights on the box - you can look at Digiat Rights Management . This is not offered by SQL Server.Jack Vamvas--------------------http://www.ITjobfeed.com |
|
|
|
|
|
|
Help for more Security