Category: Security Pitfalls
-
OPEN SYMMETRIC KEY – Avoid the NULL Ciphertext Trap
Don’t get caught in this nasty trap that will cause all your encrypted data to be wiped out. Discover how to use the OPEN SYMMETRIC KEY statement correctly to protect yourself (and your data) from this ugly surprise.
-
The Ownership Chaining Quandary or How to Circumvent an Explicit DENY
Ownership chaining is a powerful tool for permission management. However, in some situations it can be misused to gain unauthorized access to a securable. Read on to see this in action.
-
An implicit user creation has failed.
The error message “An implicit user creation has failed.” indicates that SQL Server tried to create a user automatically and failed. Read on to see when and why this happens.
-
CONTROL SERVER vs. sysadmin – Differences when Creating a Schema
The CONTROL SERVER privilege and a membership in sysadmin are supposed to be equivalent. However, there are substantial differences, e.g. securable ownership. Read on to see what happens when a schema is created by a login with CONTROL SERVER permissions.
-
The Unexpected Security Implications for Role Owners
In SQL Server a server or database role can have an owner specified. Are you aware of the security implications of specifying a role owner? Read on to find out now.
We know how to keep a database secure. We’ll do the same for you.
From the sqlity.net blog
-
How to identify the SQL Server Service Account in T-SQL
-
How to Change a SQL Login’s Password
-
Hash Algorithms – How does SQL Server store Passwords?
-
How to Re-Create a Login with only a Hashed Password
-
B+Trees – How SQL Server Indexes are Stored on Disk
-
The Hidden SQL Server Gem: UPDATE from SELECT
-
A Join A Day – Nested Joins
-
Determine the Uptime of a SQL Server Instance
-
A Join A Day – The Left Anti Semi Join
-
Log Reuse Waits Explained: LOG_BACKUP
