22.6. More Advanced Security
This section is really nothing more than an "extra things to think about" section. All of these fall outside the realm of the basic rules we defined at the beginning of the chapter, but they address ways around some problems and also how to close some common loopholes in your system.
22.6.1. What to Do about the guest Account
The guest account provides a way of having default access. When you have the guest account active, several things happen:
Logins gain guest-level access to any database to which they are not explicitly given access.
Outside users can log in through the guest account to gain access. This requires that they know the password for guest, but they'll already know the user exists (although, they probably also know that the sa account exists).
Personally, one of the first things I do with my SQL Server is to eliminate every ounce of access the guest account has. It's a loophole, and it winds up providing access in a way you don't intuitively think of. (You probably think that when you assign rights to someone—that's all the rights they have. With guest active, that isn't necessarily so.) I recommend that you do the same.
There is, however, one use that I'm aware of where the guest account actually serves a fairly slick purpose—when it is used with application roles. In this scenario, you leave the guest account with access to a database but without any rights beyond simply logging into that database—that is the guest account only makes ...