的用戶有權限通過SQL Mail使用SQL Server的文件嗎?SQL Mail和SQL代理帳號運行在相同的安全上下文下。默認情況下,SQL代理運行在本地系統帳號下。如果用戶能存取SQL Server數據庫里的系統擴展存儲過程xp_sendmail,那么就會有安全漏洞了。
通過系統擴展存儲過程xp_sendmail的附件參數(@attachments),用戶就可以獲得存取服務器上文件的權限。有一個方法可以保護xp_sendmail:把它封裝到一個存儲過程中去,使附件參數不對public開放。這樣許可就受到這個存儲過程的保護,再把public對xp_sendmail的執行許可取消。
下面是一個基本的工作模板,你可以用它來保護xp_sendmail:
-- The wrapper is created in master, alongside xp_sendmail itself.
USE master
GO
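-- =============================================
-- Create procedure: basic template
-- =============================================
-- Drop any earlier version of the wrapper so the CREATE PROCEDURE below
-- does not fail on "object already exists".
-- sysobjects.type stores procedures as uppercase 'P'; the literal is written
-- uppercase so the check also works on a case-sensitive server collation.
IF EXISTS (
    SELECT 1
    FROM sysobjects
    WHERE name = N'sp_sendmail'
      AND type = 'P'
)
    DROP PROCEDURE sp_sendmail
GO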
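-- Wrapper around master..xp_sendmail.
-- Callers are granted EXECUTE on this procedure instead of on xp_sendmail, so
-- the file-reading @attachments argument is never under their control (it is
-- pinned to ' ' below) and every message is also copied to the DBA mailbox.
-- All other parameters mirror xp_sendmail's and are forwarded unchanged.
-- NOTE(review): @in_query, @in_set_user and @in_dbuse are still forwarded; per
-- xp_sendmail's documentation they let the caller have a query run, and pick
-- the user context and database it runs in — confirm that exposure is
-- acceptable before granting this wrapper to public.
CREATE PROCEDURE sp_sendmail
    @in_recipients            varchar(8000) = '<default email address>'
   ,@in_message               varchar(8000) = 'test'
   ,@in_query                 varchar(8000) = ''
   ,@in_copy_recipients       varchar(8000) = NULL
   ,@in_blind_copy_recipients varchar(8000) = NULL
   ,@in_subject               varchar(80)   = 'test'
   ,@in_type                  varchar(80)   = NULL
   ,@in_attach_results        varchar(80)   = NULL
   ,@in_no_output             varchar(8)    = NULL
   ,@in_no_header             varchar(8)    = NULL
   ,@in_width                 int           = 10
   ,@in_separator             varchar(8)    = NULL
   ,@in_echo_error            varchar(8000) = NULL
   ,@in_set_user              varchar(256)  = NULL
   ,@in_dbuse                 varchar(256)  = NULL
AS
    -- Always copy the DBA. ISNULL keeps the DBA address when a caller passes
    -- NULL explicitly; with CONCAT_NULL_YIELDS_NULL a plain '+' would turn the
    -- whole recipient list into NULL and silently lose the DBA copy.
    SET @in_recipients = '<default dba email address>;' + ISNULL(@in_recipients, '')

    EXEC master..xp_sendmail
        @recipients           = @in_recipients
       ,@message              = @in_message
       ,@query                = @in_query
       -- Fixed blank on purpose: @attachments is the argument that lets a
       -- caller attach files from the server, so it is never taken from input.
       ,@attachments          = ' '
       ,@copy_recipients      = @in_copy_recipients
       ,@blind_copy_recipients = @in_blind_copy_recipients
       ,@subject              = @in_subject
       ,@type                 = @in_type
       ,@attach_results       = @in_attach_results
       ,@no_output            = @in_no_output
       ,@no_header            = @in_no_header
       ,@width                = @in_width
       ,@separator            = @in_separator
       ,@echo_error           = @in_echo_error
       ,@set_user             = @in_set_user
       ,@dbuse                = @in_dbuse
GO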
-- Smoke test: sends one message built entirely from the parameter defaults
-- (recipient '<default email address>', subject and body 'test').
EXEC sp_sendmail
GO
-- Hand the wrapper to everyone, then take the raw extended procedure away from
-- public so the wrapper is the only route to it. Callers still reach
-- xp_sendmail through the wrapper because both objects live in master under
-- the same owner (presumably ownership chaining — confirm on the target server).
-- NOTE(review): REVOKE only undoes the grant to public; explicit grants to
-- other users or roles, and sysadmin members, are unaffected — check with
-- sp_helprotect afterwards.
GRANT EXECUTE ON sp_sendmail TO public
GO
REVOKE EXECUTE ON xp_sendmail FROM public
GO