SQL Server Directory Access

Check Description

This check verifies that the following SQL Server directories have limited access to SQL service accounts and local Administrators only:

• Program Files\Microsoft SQL Server\MSSQL$InstanceName\Binn
• Program Files\Microsoft SQL Server\MSSQL$InstanceName\Data
• Program Files\Microsoft SQL Server\MSSQL\Binn
• Program Files\Microsoft SQL Server\MSSQL\Data

The tool scans the access control list (ACL) on each of these folders and enumerates the users contained in the ACL.  If any other users (that is, aside from the SQL service accounts and Administrators) have access to read or modify these folders, the tool marks this check as a vulnerability in the security report.

Additional Resources

SQL Server 7.0 Security

Microsoft SQL Server 2000 Security

⌐ 2002 Microsoft Corporation. All rights reserved.