Information
The public database role contains every user in the msdb database. SQL Agent proxies define a security context in which a job step can run.
Rationale:
Granting access to SQL Agent proxies for the public role would allow all users to utilize the proxy which may have high privileges. This would likely break the principle of least privileges.
Impact:
Before revoking the public role from the proxy, ensure that alternative logins or appropriate user-defined database roles have been added with equivalent permissions. Otherwise, SQL Agent job steps dependent upon this access will fail.
Solution
Ensure the required security principals are explicitly granted access to the proxy (use sp_grant_login_to_proxy).
Revoke access to the <proxyname> from the public role.
USE [msdb]
GO
EXEC dbo.sp_revoke_login_from_proxy @name = N'public', @proxy_name = N'<proxyname>';
GO
Default Value:
By default, the msdb public database role does not have access to any proxy.