Security

Depending on the deployment method, you have numerous ways to specify what security level to grant a CLR assembly. All of them demand that you specify one of three permission sets:

  • Safe Assembly can perform local data access and computational tasks only.

  • External_Access Assembly can perform local data access and computational tasks and also access the network, the file system, the registry, and environment variables. Although External_Access is less restrictive than Safe, it still safeguards server stability.

  • Unsafe Assembly has unrestricted permissions and can even call unmanaged code. This setting can significantly compromise SQL Server security; only members of the sysadmin role can create (load) unsafe assemblies. Also note the TRUSTWORTHY ...

Get Programming Microsoft® SQL Server® 2012 now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.