Backup and Restore commands using VDI require sysadmin role membership - by spaghettidba

Status : 

  By Design<br /><br />
		The product team believes this item works according to its intended design.<br /><br />
		A more detailed explanation for the resolution of this particular item may have been provided in the comments section.


6
0
Sign in
to vote
ID 775819 Comments
Status Closed Workarounds
Type Suggestion Repros 0
Opened 1/4/2013 10:34:41 AM
Access Restriction Public

Description

To say it with the documentation's words, "The server connection for SQL Server that is used to issue the BACKUP or RESTORE commands must be logged in with the sysadmin fixed server role. "
This is a serious security flaw. There's no need to assign sysadmin rights to a backup operator.

Sign in to post a comment.
Posted by Isabelle Van Campenhoudt on 3/11/2014 at 8:35 AM
I agree, this should be resolved by the usage of specific user right instead of sysadmin privileges.
Posted by spaghettidba on 2/7/2013 at 10:02 AM
I find it surprising that nobody is concerned about giving sysadmin rights to a backup tool or operator. I understand that it's so by design, but maybe it's time to review the design.
Posted by Microsoft on 2/7/2013 at 9:56 AM
The VDI connection does require Sysadmin permission because the connection itself is capable of more than simply backup commands, and involves shared resources between the client and server.