Luouy~羽林
学问如逆水行舟,不进则退; 有知识的人不实践,等于一只蜜蜂不酿蜜; 我们可以由读书而收集知识,但必须利用思考把糠和谷子分开

在设置服务器的时候,记得用到这个

在SQL SERVER 2000中,可以通过 exec master..sp_dropextendedproc 方法删除系统扩展存储过程。然而,到2005后,因为有些系统扩展存储过程系统也要使用,因此,就不能删除了,可以采用

以下是网上流传的一些“危险”的存储过程

deny execute on [系统扩展存储过程名] to [角色]

deny execute on xp_cmdshell to public
deny execute on xp_dirtree to public
deny execute on xp_fileexist to public
deny execute on xp_getnetname to public
deny execute on sp_oamethod to public 
deny execute on sp_oacreate to public 
deny execute on xp_regaddmultistring to public 
deny execute on xp_regdeletekey to public 
deny execute on xp_regdeletevalue to public 
deny execute on xp_regenumkeys to public 
deny execute on xp_regenumvalues to public
deny execute on xp_regread to public 
deny execute on xp_regwrite to public 
deny execute on xp_readwebtask to public 
deny execute on xp_makewebtask to public 
deny execute on xp_regremovemultistring to public 
deny execute on sp_OACreate to public
deny execute on sp_addextendedproc to public
然后,我们可以通过下列的方法,查看系统扩展存储过程的禁用情况

select dp.NAME AS principal_name,
       dp.type_desc AS principal_type_desc,
       o.NAME AS object_name,
       p.permission_name,
       p.state_desc AS permission_state_desc 
from    sys.database_permissions p
left    OUTER JOIN sys.all_objects o
on     p.major_id = o.OBJECT_ID
inner   JOIN sys.database_principals dp
on     p.grantee_principal_id = dp.principal_id
and p.grantee_principal_id=DATABASE_PRINCIPAL_ID('public')

posted on 2011-10-13 11:32  羽林.Luouy  阅读(2367)  评论(0编辑  收藏  举报