Microsoft KB Archive/277809

From BetaArchive Wiki
< Microsoft KB Archive
Revision as of 17:27, 18 July 2020 by 3155ffGd (talk | contribs) (importing KB archive)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Knowledge Base


FIX: A Non-Sysadmin May Execute sp_procoption Stored Procedure

Article ID: 277809

Article Last Modified on 3/14/2006


APPLIES TO

  • Microsoft SQL Server 7.0 Standard Edition


This article was previously published under Q277809

BUG #: 57213 (SQLBUG_70)

SYMPTOMS

Microsoft SQL Server Books Online states the following concerning the execution of the sp_procoption stored procedure:

Execute permissions default to members of the sysadmin and setupadmin fixed server roles. Startup procedures must be owned by the database owner in the master database.


This is not the intended behavior. Only logins that are a member of the System Administrators fixed server role should have execute permission on sp_procoption.

STATUS

Microsoft has confirmed this to be a problem in SQL Server 7.0. This problem has been corrected in U.S. Service Pack 3 for Microsoft SQL Server 7.0. For more information, click the following article number to view the article in the Microsoft Knowledge Base:

274799 INF: How to Obtain Service Pack 3 for Microsoft SQL Server 7.0 and Microsoft Data Engine (MSDE) 1.0


For more information, contact your primary support provider.

MORE INFORMATION

To reproduce the problem use these steps:

  1. Open the SQL Server Query Analyzer.

  2. Create the stored procedure in the master database:

    use master
go
create procedure test_proc as
PRINT "Executed test_proc"
go

  3. Add a SQL Server login. The default database for the login is master.

    sp_addlogin @loginame = 'testuser',
    @defdb = 'master'
go

  4. Make the login a member of the Setup Administrators fixed server role.

    sp_addsrvrolemember @loginame = 'testuser', @rolename = 'setupadmin'
go

  5. Give the login access to the master database.

    sp_adduser @loginame = 'testuser'
go

  6. Make the new user a member of the db_owner database role.

    sp_addrolemember @rolename = 'db_owner',
@membername = 'testuser'
go
  7. Open a second connection in the SQL Server Query Analyzer and log in as testuser.

  8. Make the stored procedure created in step 2 a startup stored procedure:

    sp_procoption @ProcName = 'test_proc',
@OptionName = 'startup',
@OptionValue = 'true'
go
  9. When you execute sp_procoption this error message is returned in the SQL Server Query Analyzer:

    Server: Msg 5812, Level 14, State 1, Procedure sp_procoption, Line 254 Permission denied. Only members of the sysadmin role can run RECONFIGURE. All 1 matched objects now have their 'startup' setting as 'true'. Updates were required for 1 objects.

  10. Restart SQL Server, and then view the current SQL Server error logs. The following text is displayed, which verifies that the procedure was executed upon startup:

    Launched startup procedure 'test_proc'
    [autoexec] "Executed test_proc"



Additional query words: Startup stored procedure permission sysadmin execute

Keywords: kbbug kbfix KB277809



Send feedback to Microsoft

© Microsoft Corporation. All rights reserved.


Retrieved from ‘https://www.betaarchive.com/wiki/index.php?title=Microsoft_KB_Archive/277809&oldid=152178
the Creative Commons 3.0 ShareAlike (except the Microsoft KB Archive).
Powered by MediaWiki