I'm developing a database that would eventually live on a shared SQL Server 2008 database on the host machine (at hosting provider). I noticed that all the tables and queries are owned by the dbo. I would like to know if this is a security issue when on a shared host. and what is the best practice for assigning ownership of database objects. Should I transfer the ownership of the db objects to the db's admin user in a shared hosting environment?
Thanks
The dbo schema is the admin, or DB owner, schema. It is also the default schema when creating tables unless steps are taken to change it.
You can control the security within the database, even in a hosted environment. You must focus on your security strategy and grant, revoke or deny rights to the objects in the database based on that strategy. Avoiding the dbo schema alone will not improve security.