APX1102 – SUSER_SNAME() and SYSTEM_USER
Description:
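This rule checks the T-SQL script for use of SUSER_SNAME() and SYSTEM_USER.
Both return the login of the current execution context, which changes under impersonation (EXECUTE AS), while ORIGINAL_LOGIN() returns the login that connected to the instance.
Consider using ORIGINAL_LOGIN() instead to improve security.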
For more information visit
https://stackoverflow.com/questions/37963595/is-suser-sname-less-secure-then-original-login
Example script:
-- Flagged: SYSTEM_USER as the column default
CREATE TABLE Logs
(id INT IDENTITY(1, 1) NOT NULL,
 Message VARCHAR(250) NOT NULL,
 Login VARCHAR(30) NOT NULL DEFAULT SYSTEM_USER
);

-- Flagged: SUSER_SNAME() as the column default
CREATE TABLE States
(id INT IDENTITY(1, 1) NOT NULL,
 State VARCHAR(250) NOT NULL,
 Login VARCHAR(30) NOT NULL DEFAULT SUSER_SNAME()
);

-- Not flagged: ORIGINAL_LOGIN() as the column default
-- (replaces the first Logs definition above)
CREATE TABLE Logs
(id INT IDENTITY(1, 1) NOT NULL,
 Message VARCHAR(250) NOT NULL,
 Login VARCHAR(30) NOT NULL DEFAULT ORIGINAL_LOGIN()
);
Message:
Column Login contains SUSER_SNAME() or SYSTEM_USER. Consider ORIGINAL_LOGIN() instead
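The difference this rule is about, as an added example that is not part of the original rule page: one audit table records all three functions as column defaults, and a row is inserted with and without impersonation. The login, user and table names (apx1102_demo, AuditDemo) and the password are constructed placeholders; the script assumes a scratch database on a test instance and a connecting login that may create logins and impersonate them.

```sql
-- Constructed demo objects; replace the placeholder password before running.
CREATE LOGIN apx1102_demo WITH PASSWORD = 'Replace-This-Pa55phrase!';
CREATE USER apx1102_demo FOR LOGIN apx1102_demo;

-- One column per function so the recorded values can be compared side by side.
CREATE TABLE AuditDemo
(id INT IDENTITY(1, 1) NOT NULL,
 Message VARCHAR(250) NOT NULL,
 ContextLogin sysname NOT NULL DEFAULT SUSER_SNAME(),
 SystemUser sysname NOT NULL DEFAULT SYSTEM_USER,
 OriginalLogin sysname NOT NULL DEFAULT ORIGINAL_LOGIN()
);
GRANT INSERT ON AuditDemo TO apx1102_demo;

-- Row 1: written in the connecting login's own context.
INSERT INTO AuditDemo (Message) VALUES ('no impersonation');

-- Row 2: written after a context switch. Column defaults are evaluated
-- at insert time, in whatever execution context is active.
EXECUTE AS LOGIN = 'apx1102_demo';
INSERT INTO AuditDemo (Message) VALUES ('inside EXECUTE AS');
REVERT;

-- Compare what each default recorded for the two rows.
SELECT Message, ContextLogin, SystemUser, OriginalLogin
FROM AuditDemo
ORDER BY id;

-- Clean up the constructed objects.
DROP TABLE AuditDemo;
DROP USER apx1102_demo;
DROP LOGIN apx1102_demo;
```

In the second row, ContextLogin and SystemUser hold the impersonated login apx1102_demo, while OriginalLogin still holds the login that opened the connection, which is the value an audit column needs.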