Microsoft® SQL Server® 2012 Bible


Part V: Enterprise Data Management


option. Enabling the c2 audit mode option configures the SQL Server to audit all security-related
events. You can find all the events by browsing through them in SQL Server Profiler.

By default, a trace file (C2 audit log) is stored in the default SQL Server data directory. The trace file rolls over
automatically when it reaches 200MB. This continues until the data drive fills up or C2 auditing is turned off.

In Management Studio, the c2 audit mode option can be turned on by selecting the
Enable C2 Audit Tracing box in the Server Properties Security tab (refer to Figure 19-8).

In code, to turn on the c2 audit mode option, do the following:

EXEC sp_configure 'show advanced options', 1;
RECONFIGURE;
EXEC sp_configure 'c2 audit mode', 1;
RECONFIGURE;

The SQL Server service must be restarted for the c2 audit mode option to take effect.

The C2 auditing mode has been superseded by Common Criteria Compliance. Common
Criteria Compliance can be enabled only by code using the sp_configure system stored
procedure:

EXEC sp_configure 'show advanced options', 1;
RECONFIGURE;
EXEC sp_configure 'common criteria compliance enabled', 1;
RECONFIGURE;

The SQL Server service must be restarted for the common criteria compliance enabled
option to take effect.

In addition to enabling the option, you also must download and run a script from the Microsoft SQL
Server Common Criteria website at http://www.microsoft.com/sqlserver/en/us/common-criteria.aspx.
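
Because both options take effect only after a service restart, it is worth confirming that the running value matches the configured value. The following query is an added example, not code from the book; it reads the sys.configurations catalog view and reports whether each option is in effect or still waiting on a restart.

```sql
-- Added example: compare the configured value with the running value
-- for the two audit options discussed above.
SELECT
    c.name,
    CAST(c.value AS int)        AS configured_value,  -- set by sp_configure
    CAST(c.value_in_use AS int) AS running_value,     -- what the instance is using now
    c.is_dynamic,                                     -- 0 = needs a service restart
    c.is_advanced,                                    -- 1 = hidden unless 'show advanced options' is on
    CASE
        WHEN c.value = c.value_in_use THEN 'in effect'
        WHEN c.is_dynamic = 1         THEN 'pending RECONFIGURE'
        ELSE                               'pending service restart'
    END AS state
FROM sys.configurations AS c
WHERE c.name IN (N'c2 audit mode', N'common criteria compliance enabled');

-- Fail loudly when an option was changed but the instance has not picked it up,
-- so a deployment or compliance script does not report a false "enabled".
IF EXISTS (
    SELECT 1
    FROM sys.configurations
    WHERE name IN (N'c2 audit mode', N'common criteria compliance enabled')
      AND value <> value_in_use
)
    RAISERROR(N'An audit option is configured but not yet in effect; restart the SQL Server service.', 16, 1);
```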

Cross Database Ownership Chaining
By default, all database objects such as tables, views, and stored procedures have owners.
When an object references another object, an ownership chain is formed. When the same
user owns the source object and the target object, SQL Server checks permission on the
source objects and not on the target objects.

Cross-database ownership chaining occurs when the source object depends on objects in
another database. Cross-database ownership chaining works in the same way as ownership
chaining in a database, except that an unbroken ownership chain is based on all the object
owners being mapped to the same login account. If your application uses more than one
database and it calls objects from one database based on objects in another database, then
