Should I provide the client with a SQL Server account with the db_owner role?

One of our clients requested that the db_owner role be included in the database that their website uses so that they can load a script (ASP page) to run some database changes. Usually logins for databases hosted on our server include only "db_reader" and "db_writer". Is this normal, or should I ask them to send us a SQL script to run on their behalf?

Or am I too protected? Thanks

+4
6 answers

I suggest you act as a filter between them and all that they might want to do in the database, for example, load and run these scripts. If they get db_owner and all the hoses, anyway, it's likely your head will be split into an interrupt block to allow them to start from there.

+6

I think that I would like to have a service level agreement that would be acceptable to everyone before I give such control over the database. For example, you can indicate that if a client damages its databases in such a way that they cannot fix it, your answer will be limited to restoring it to the backup point of their choice for a certain period of time. You can also require them to maintain a specific technical contact for problems with the database, which will be the first contact for their developers, etc. The SLA should indicate the various risks, including data loss, to inherit the availability of this level of capabilities.

In general, I am in favor of providing more control, and not less, if the client is ready to take responsibility. As a person who uses such services, I know that he can definitely increase productivity if I am allowed to make changes that need to be made without jumping over hoops. I also agree to accept the risks involved, but I clearly know what the consequences are.

+2

What scripts do they run?

Instead of giving them direct access, you could provide some kind of interface, as TheTXI suggested. I would be very concerned about giving db_owner access unnecessarily.

Perhaps you are either a member of the team, or depending on the type of scripts, you can provide them with some kind of web interface (so you can at least wrap some kind of check around the script).

But if they directly launch something in the system that you don't want, they will most likely be on you (whether it is just recovery management or something more serious).

0

You can get more licenses with your permissions to let them do what you want. This will depend on how often they want to make changes and how you are responsible for your data. I would not want to give dbo to someone if there wasn't a really good reason.

Make sure that they own the database not only in the dbo role. If dbchaining is included in another database with the same owner, they can include it in their database and have dbo permissions in that other database.

0
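
The ownership and chaining check mentioned in the answer above, together with a narrower grant than dbo, as an added T-SQL example that is not part of any answer on this page. ClientSiteDb, client_site_user and client_deploy are hypothetical names, and the set of permissions given to the role is an assumption about what a schema-change script needs.

```sql
-- Added example. ClientSiteDb, client_site_user and client_deploy are
-- hypothetical names; substitute the client's database and database user.

-- 1. Server-wide setting: value_in_use = 1 turns cross-database ownership
--    chaining on for every database, whatever the per-database flag says.
SELECT name, value_in_use
FROM sys.configurations
WHERE name = 'cross db ownership chaining';

-- 2. Per-database view: who owns each database and whether it takes part
--    in chaining. Databases that share an owner_login and have
--    is_db_chaining_on = 1 are the ones a dbo in one database can reach
--    into through an ownership chain.
SELECT d.name,
       SUSER_SNAME(d.owner_sid) AS owner_login,
       d.is_db_chaining_on
FROM sys.databases AS d
ORDER BY owner_login, d.name;

-- 3. Who already holds db_owner in the client's database.
USE ClientSiteDb;

SELECT m.name AS member_name, m.type_desc
FROM sys.database_role_members AS rm
JOIN sys.database_principals AS r ON r.principal_id = rm.role_principal_id
JOIN sys.database_principals AS m ON m.principal_id = rm.member_principal_id
WHERE r.name = 'db_owner';

-- 4. Keep this database out of cross-database chains.
ALTER DATABASE ClientSiteDb SET DB_CHAINING OFF;

-- 5. Narrower alternative to db_owner: the role can create and alter
--    objects in the dbo schema, but cannot manage users, change database
--    options or drop the database.
CREATE ROLE client_deploy;
GRANT CREATE TABLE, CREATE VIEW, CREATE PROCEDURE TO client_deploy;
GRANT ALTER ON SCHEMA::dbo TO client_deploy;
ALTER ROLE client_deploy ADD MEMBER client_site_user;  -- SQL Server 2012+
```

On versions before SQL Server 2012, `sp_addrolemember` takes the place of `ALTER ROLE ... ADD MEMBER`.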

Or make them sign an agreement that says: "Any damage you cause to the data or database schema caused by you or anyone registered in the specified db account is not your fault and you cannot be blamed and etc. etc." At least if they come up with something, that way you are covered and the client remains happy. Although you can tell them a separate login for this, so that they cannot blame incorrect changes to the website code.

0

There's a word for database administrators that are overly secure: Busy

The rest is not so much.

0
