NETWORK SERVICE permission for the database

I'm just wondering if there is a good idea to grant NETWORK SERVICE permission to the MSSQL database, can it open any security holes? Then I don't need to set any login options in my web application config file (ASP.NET MVC), I go with integrated permission.


source to share

1 answer

Looking at MSDN , the Windows Network Service Account has least privilege on windows and acts like a computer on the network.

But I personally believe that if you are using it for personal development, then it is okay to use a network service to access the database (if they are on the same machine). You may need to set up your web application's application pool in order to use this service in order for the web application to authenticate with SQL Server.

But if it's for an enterprise, I would suggest that you create a separate domain account and use that domain account for SQL Server and web application. This way, you have better control over that account, as well as permissions, and are less likely to know that you have granted more than the default Windows account permissions require.



All Articles