guest user in master and temp db | SQL Server Performance Forums

SQL Server Performance Forum – Threads Archive

guest user in master and temp db

I was in a process of doing security audit.During this I have found "guest" user for my master,msdb and temp database.This user have no login.So I tried deleting them.While with msdb I am successful but for master and temp db I am unable to delete this user.
Every time I try deleteting them I got an info msg that guest cannot be deleted for master and tempdb.Now I am concerned about security.How much this user can adversly affect security.If it affect then How can I remove this user.
More over the scnerio of my db server is 300 db each db with 2 user "dbo" and "username".Each db has individual login with ‘sa’ and "loginname"
Hi aaronsandy ,<br /><br />please read following thread :<br /><b><a href=’http://www.sql-server-performance.com/forum/topic.asp?TOPIC_ID=9577′ target=’_blank’ title=’http://www.sql-server-performance.com/forum/topic.asp?TOPIC_ID=9577′<a target="_blank" href=http://www.sql-server-performance.com/forum/topic.asp?TOPIC_ID=9577>http://www.sql-server-performance.com/forum/topic.asp?TOPIC_ID=9577</a></a></b><br /><br />[<img src=’/community/emoticons/emotion-1.gif’ alt=’:)‘ />][<img src=’/community/emoticons/emotion-2.gif’ alt=’:D‘ />]<br />HTH<br /><br /><br />Regards<br /><br />hsGoswami<br />[email protected]<br />"Humans don’t have Caliber to PASS TIME , Time it self Pass or Fail Humans" – by Hemant Goswami<br />
After going through the above post I have made a concluding remark.point me if I am wrong.
All logins can see master and temp database and query its system tables.
yes but with restriction hsGoswami
[email protected]
"Humans don’t have Caliber to PASS TIME , Time it self Pass or Fail Humans" – by Hemant Goswami
Yes, Permissions can be applied to the guest user as if it were any other user account. The guest user can be deleted and added to all databases except master and tempdb, where it must always exist. By default, a guest user account does not exist in newly created databases. Avoid using the guest account; all logins without their own database permissions obtain the database permissions granted to this account. Satya SKJ
Moderator
http://www.SQL-Server-Performance.Com/forum
This posting is provided “AS IS” with no rights for the sake of knowledge sharing.
]]>