Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

sp_Blitz - correctly check permissions for sys.traces #3597

Open
wants to merge 1 commit into
base: dev
Choose a base branch
from
Open

sp_Blitz - correctly check permissions for sys.traces #3597

wants to merge 1 commit into from

Conversation

Tisit
Copy link
Contributor

@Tisit Tisit commented Dec 9, 2024
edited
Loading

Fix for #3581. The idea here is to check ALTER TRACE permissions on server level and not ALTER on sys.traces itself.

Here is an extended script from the issue. Added third test for sp_Blitz with ALTER TRACE granted. With that we can see DBCC DROPCLEANBUFFERS reported (yeah added it there so no copy, paste, execute into production). It shows the check itself works.

USE master

DBCC DROPCLEANBUFFERS

CREATE LOGIN BlitzTest WITH PASSWORD = 'TestBlitz'
CREATE USER BlitzTest FOR LOGIN BlitzTest
GRANT EXECUTE ON sp_Blitz TO BlitzTest
GRANT VIEW SERVER STATE TO BlitzTest
GO

EXECUTE AS LOGIN = 'BlitzTest'

PRINT 'This works'
EXEC sp_Blitz
PRINT 'This worked'

REVERT

GO

ALTER ROLE db_owner ADD MEMBER BlitzTest

EXECUTE AS LOGIN = 'BlitzTest'

PRINT 'This does not works'
EXEC sp_Blitz
PRINT 'Doesn''t reach here'

REVERT

GO

REVERT

GRANT ALTER TRACE TO BlitzTest

EXECUTE AS LOGIN = 'BlitzTest'

PRINT 'Reports DBCC DROPCLEANBUFFERS'
EXEC sp_Blitz

REVERT

GO

--cleanup
REVERT
DROP USER IF EXISTS BlitzTest
DROP LOGIN BlitzTest

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@Tisit