Blog
-
CRYPT_GEN_RANDOM: Generating Cryptographically Secure Random Numbers in T-SQL
While not perfect, the T-SQL function CRYPT_GEN_RANDOM() generates cryptographically secure random number values using the Windows Crypt-API. Read on to get all the details on how to use it and when to avoid it.
-
The Ownership Chaining Quandary or How to Circumvent an Explicit DENY
Ownership chaining is a powerful tool for permission management. However, in some situations it can be misused to gain unauthorized access to a securable. Read on to see this in action.
-
The Ownership Chain – How the Securable Owner affects Permission Enforcement in SQL Server
The ownership chain enables us to setup guarded access in SQL Server. Guarded access means to grant securable access only through a procedure or view. That module can then be used to enforce additional security requirements. Read on to see how the ownership chain makes this possible.
-
The Row Header (A Storage Wednesday Post)
The row header contains metadata describing the row. It contains information about the row type, the column count and a NULL-bitmap. Read on to get all the details.
-
An implicit user creation has failed.
The error message “An implicit user creation has failed.” indicates that SQL Server tried to create a user automatically and failed. Read on to see when and why this happens.
-
Pseudo Random Number Generators
While we can capture true randomness, for typical applications we need a faster way to produce random numbers. Read on to see how in those cases a Pseudo Random Number Generator or Cryptographically Secure Pseudo Random Number Generator can be used.
-
CONTROL SERVER vs. sysadmin – Differences when Creating a Schema
The CONTROL SERVER privilege and a membership in sysadmin are supposed to be equivalent. However, there are substantial differences, e.g. securable ownership. Read on to see what happens when a schema is created by a login with CONTROL SERVER permissions.
-
Random – What does that actually mean?
Random numbers or random number sequences are widely used in our lives (e.g. encryption). But, what makes a random number actually random? Read on to find out.
-
Finding table pages with DBCC IND (A Storage Wednesday Post)
Are you trying to use DBCC PAGE and need a way to find all pages that belong to a table? That is exactly what DBCC IND can help with. Read on to get all the details.
-
Who is the Default Owner of your Database and Server Objects?
When a new securable is created and an owner is not specified, a default owner is set. What server or database principal is used for the owner by default? Read on to find out now.
We can make a database clean and know how to keep it that way. We’ll help you do the same.
From the sqlity.net blog
-
How to identify the SQL Server Service Account in T-SQL
-
How to Change a SQL Login’s Password
-
Hash Algorithms – How does SQL Server store Passwords?
-
How to Re-Create a Login with only a Hashed Password
-
B+Trees – How SQL Server Indexes are Stored on Disk
-
The Hidden SQL Server Gem: UPDATE from SELECT
-
A Join A Day – Nested Joins
-
Determine the Uptime of a SQL Server Instance
-
A Join A Day – The Left Anti Semi Join
-
Log Reuse Waits Explained: LOG_BACKUP
