From Microsoft SQL Server 2012 Database Instance Security Technical Implementation Guide
Part of SRG-APP-000142-DB-000094
Associated with: CCI-000382
SQL Server is capable of providing a wide variety of functions and services. Some of the functions and services, provided by default, may not be necessary to support essential organizational operations (e.g., key missions, functions).
Review the list of user-defined Stored Procedures and Functions by running the following SQL query: EXEC sp_MSforeachdb ' DECLARE @nCount integer; SELECT @nCount = Count(*) FROM [?].sys.objects WHERE type in (''FN'', ''P'') AND is_ms_shipped <> 1; IF @nCount > 0 SELECT ''?'' AS ''Table Name'', * FROM [?].sys.objects WHERE type in (''FN'', ''P'') AND is_ms_shipped <> 1; ' ; If any user-defined Stored Procedures and Functions are unauthorized and therefore should be prohibited or restricted and are not, this is a finding.
To remove a function from SQL Server, run the following SQL Script: DROP FUNCTION <'function name'> To remove a Stored Procedure from SQL Server, run the following SQL Script: DROP PROCEDURE <'stored procedure name'> If the user-defined Stored Procedures and Functions need to remain available, but access needs to be more restricted, then the user-defined Stored Procedures and Functions should be moved to a separate schema or database that has more restrictive access.
Lavender hyperlinks in small type off to the right (of CSS
class id, if you view the page source) point to
globally unique URIs for each document and item. Copy the
link location and paste anywhere you need to talk
unambiguously about these things.
You can obtain data about documents and items in other
formats. Simply provide an HTTP header Accept:
text/turtle or
Accept: application/rdf+xml.
Powered by sagemincer