Please start any new threads on our new
site at https://forums.sqlteam.com. We've got lots of great SQL Server
experts to answer whatever question you can come up with.
| Author |
Topic |
|
joblot1976
Starting Member
10 Posts |
 Posted - 2005-06-30 : 03:04:21
|
| If a user is a local admin of the box they can gain full access to the database via integrated security. They can create their own database and attach .MDFHow can i secure the .MDF so that no one can gain access to it? |
|
|
eyechart
Master Smack Fu Yak Hacker
3575 Posts |
Posted - 2005-06-30 : 03:06:31
|
| don't give out local admin to your box.remove BUILTIN/Administrators from the logins area.-ec |
 |
|
|
robvolk
Most Valuable Yak
15732 Posts |
Posted - 2005-06-30 : 07:26:35
|
| It's also important to remember that file security and database security are two completely different things. Locking down the physical SQL Server files does not keep someone out of the database or server, and vice versa. |
|
|
|
joblot1976
Starting Member
10 Posts |
Posted - 2005-06-30 : 19:04:12
|
| But if i distribute MDF in installion cd any client with local admin access or sa access and sql server on the same box can attach this mdf file and access the db. |
|
|
|
byrmol
Shed Building SQL Farmer
1591 Posts |
Posted - 2005-06-30 : 19:17:57
|
| And the problem would be what exactly... If the client pays for the app, they should be able to do whatever the hell they like with THEIR data.... Just ensure your EULA says something along lines of.. "Mess with at own expense"[RANT MODE ON]Nothing pisses me of more than paying for software and not being able to get at MY DATA...[RANT MODE OFF]DavidMA front-end is something that tries to violate a back-end. |
|
|
|
|
|
|
How can i secure my MDF file?