Minimum database permissions for mojoPortal tu run

This forum is only for questions or discussions about working with the mojoPortal source code in Visual Studio, obtaining the source code from the repository, developing custom features, etc. If your question is not along these lines this is not the right forum. Please try to post your question in the appropriate forum.

Please do not post questions about design, CSS, or skinning here. Use the Help With Skins Forum for those questions.

This forum is for discussing mojoPortal development

This forum is only for questions or discussions about working with the mojoPortal source code in Visual Studio, obtaining the source code from the repository, developing custom features, etc. If your question is not along these lines this is not the right forum. Please try to post your question in the appropriate forum.

You can monitor commits to the repository from this page. We also recommend developers to subscribe to email notifications in the developer forum as occasionally important things are announced.

Before posting questions here you might want to review the developer documentation.

Do not post questions about design, CSS, or skinning here. Use the Help With Skins Forum for those questions.
This thread is closed to new posts. You must sign in to post in the forums.
12/15/2008 3:10:19 AM
Slaven Brumec
Gravatar
Total Posts 55
View Posts

Minimum database permissions for mojoPortal to run

Hello!

Well, although I'm very expirienced with SQL/SPL, OR mapping and all those developer-oriented parts of database management, I have never been DB administrator so forgive me if I ask or say something completely idiotic about that.

And scenario is...

I'd like to run mojoPortal with it's DB user (currently ASP.NET / NETWORK SERVICE) having as small permissions as possible. I tried to assign mojoPortal DB account with roles of ddladmin, datareader and datawriter, however it doesn't work with any role less than dbOwner. Stored procs execution is main problem. Do I have to assign EXECUTE permission for every mojoPortal's SP to mojoPortals DB account or what?

Oh, by the way, I'm using SQL Server 2005 Express in both development and future production environment (at least for some time) and Win XP Pro / Win Server 2003, respectively.

12/15/2008 5:16:55 AM
Joe Audette
Gravatar
Total Posts 18439
View Posts

Re: Minimum database permissions for mojoPortal tu run

Hi Slaven,

During setup and upgrade you need a user with permission to create tables and such so at that time you generally should use a user with dbo permission.

However, you can harden the security of a mojoportal installation on MS SQL after installation. Since the MS SQL version uses stored procedures for everything, in my opinion the best security can be achieved by creating a new sql user and grant only exec permission for all the stored procs. Now this user can't directly access any tables and cannot do any ad hoc queries. There will be some maintenance because after upgrades you will have to give the user exec permission on any new procs in each new version.

I don't recommend using system accounts like NETWORK SERVICE for the db connection string. If you want to use a windows user, create a new user just for this purpose with minimal permission. Myself I generally don't use windows authentication with MS SQL, I configure it for mixed mode and use sql users and sql authentication.

Best,

Joe

12/15/2008 5:31:57 AM
Slaven Brumec
Gravatar
Total Posts 55
View Posts

Re: Minimum database permissions for mojoPortal tu run

Thanks for info about setting permissions on mp DB sprocs.

However, I'm curious why don't you recommend using NETWORK SERVICE account for accessing DB from web app? I mean, it's exactly the account with minimal permissions. So, if you have time and are willing to provide more detailed explanation, I'd like to hear it.

12/15/2008 5:45:14 AM
Joe Audette
Gravatar
Total Posts 18439
View Posts

Re: Minimum database permissions for mojoPortal tu run

You are right, I mean there is nothing really bad about using that account but I prefer not to use accounts that are widely known, built in accounts are well known. So for me its the same as using the Administrator account, better to create your own and disable the well known one. I'm not saying to disable the NETWORK SERVICES account. I'm just saying that hackers know about built in accounts and therefore they tend to be used as attack vectors. You can obscure things a little further by using custom accounts. Its minor point, but in security every little bit can help.

Best,

Joe

You must sign in to post in the forums. This thread is closed to new posts.