Greg Dodd enables another hop:
The main issue with the security is when you map a login on the source server to a destination server. When you do this, you provide anyone who can access the source server access to the linked server. Sure, you can lock it down with different logins in the top section there, but whenever I’ve seen this, people take the lazy option and choose “Be made using this security context:” and fill in an account that has quite privileged access on the linked server. Hopefully you can see the security issue here…
Read on for Greg’s recommendations around this. I mean, it’s just so much easier to give everybody the sa account (and make the password something they can remember like “sa”). That solves all of these silly security issues no problem.
Hang on, someone just dropped an important table on accident again. Be right back.