Server public permissions

Applies to: SQL Server

This rule determines whether the public server role has server permissions. Every login that is created on the server is a member of the public server role. If this condition is met, every login on the server will have server permissions.

Best practices recommendations

Don't grant server permissions to the server public role.

Important

After setup completes the PUBLIC role has CONNECT permission on all the endpoints except the Dedicated Admin Connection. This is normal and should not be normally changed. (Access is controlled by using the CONNECT SQL permission which is automatically granted when new logins are created.)

For more information

Securing SQL Server