开发者

Why does sql server restrict the locations from which you can attach or restore a database from?

开发者 https://www.devze.com 2023-01-12 07:15 出处:网络
I\'m assuming some sort of security constraint, but if I have access to all folders on a PC, why allow some folders and not o开发者_Python百科thers.

I'm assuming some sort of security constraint, but if I have access to all folders on a PC, why allow some folders and not o开发者_Python百科thers.

What is the criteria for a folder being a valid backup / restore / attach folder?

Any advice appreciated!


Is not you who must have access, but the SQL Server service account. The engine must be able to attach the file after a restart when you are not logged in, so it cannot use your credentials, it must use its own credentials.

A valid backup/attach folder is one on which the SQLServerMSSQLUser$ComputerName$InstanceName user has full control. The Setup creates a set of folders that are correctly configured, see Setting Up Windows Service Accounts:

Instid\MSSQL\backup                            Full control
Instid\MSSQL\binn                              Read, Execute
Instid\MSSQL\data                              Full control
Instid\MSSQL\FTData                            Full control
Instid\MSSQL\Install                           Read, Execute
Instid\MSSQL\Log                               Full control
Instid\MSSQL\Repldata                          Full control
100\shared                                     Read, Execute
Instid\MSSQL\Template Data (SQL Server Express only) Read


It matters less what folders you have access to than what folders SQL Server has (or should have) access to. Folders in private locations on the drive (like in a user's home directory) aren't necessarily accessible by the user that SQL Server runs as.

0

精彩评论

暂无评论...
验证码 换一张
取 消