Home > Archive > MS SQL Server security > January 2006 > Setting up and securing SQL Express in a (potentially) hostile environment









You are viewing an archived Text-only version of the thread. To view this thread in it's original format and/or if you want to reply to this thread please [click here]

 

Author Setting up and securing SQL Express in a (potentially) hostile environment
Wells Caughey

2006-01-20, 1:23 pm

My company is sort of a hybrid between an ISV and ASP; we write client
applications that get installed on the end-user's machines and we write
server application's that provide data to, and interact with, the client
applications. Our client applications are very data centric and so in our
next release I want to install SQL Express as a component of our client
apps. Once installed, I hope to use merge replication to manage data
transfers between the client app and our datacenter. The only (potential)
problem is that the client apps our written for a mix of in-house and
customer use, and as such, we will not have administrative rights on the
customers' client machines.

Does anyone know how, or even if it is possible or advisable, to install SQL
Express in such a way that I can prevent administrative access to the
database, or more to the point, ensure that security system I setup inside
the database is honored an not bypassed by sysadmin or securityadmin?

Thanks,
Wells


Sponsored Links





Also available: Server administration forum archive | Web Design forum archive | Software forum archive | Hardware reviews archive | Programming forum archive

Copyright 2008 droptable.com