DBO rights risk

Question

I'm advising a friend who manages a SQL 2k5 box that has several users who have dbo access to multiple databases. The problem is:

1. These users haven't had their passwords changed for some months,
2. These users put their IDs into applications and the applications run as DBO.

So - aside from the obvious dbo rights to add/update/delete tables and procs, what dangers can I cite for a malicious user having dbo to a SQL 2005 database?

I'd like to provide specific scenarios that pose harm to the database and other users. Could a dbo change file allocations on the server? Could a DBO affect other resources not directly connected to that database?

Answer 1

yes. dbo has rights to do whatever it wants on the database. even run xp_cmdshell. and once you can run xp_cmdshell you can do pretty much anything on the system. this is all possible provided dbo has sysadmin rights which by default it has.

Answer 2

Is there an alternative to DBO that will let someone CRUD on tables and procs?

Answer 3

As a clarification, this was SQL Server 2005, and by default xp_cmdShell wasn't authorized for DBO users. I'm still wondering if there are risks beyond the obvious CRUD. What can someone do with DBO?