CLR Security and other issues of implementing CLRs

  • Hi all,

    I'm considering implementing a SQL CLR to help us perform an operation more effectively. I've written the CLR and it provides the necessary functionality and performance increase, as I expected. I've got this running on our development server; however, I now want to consider moving it to our test server and eventually to our clustered production server.

    I just wondered if anyone had any thoughts on the potential pitfalls or issues I may encounter, such as security etc.

    Any comments would be welcome.

    Thanks,

    Nic

  • Hi Nic,

    I'm certainly not an expert on the area of CLR, but I have used and deployed it in a production environment (not a clustered environment though) and these are my thoughts and experiences on the subject:

    I like CLR for situations where T-SQL falls short or becomes disproportionally complex. For CLR to work you need to enable it on the server, which could be seen as a security issue.

    Personally I think whether this is a security issue or not depends on the accessibility of the servers: is there a realistic possibility that someone can and would deploy "unsafe/dangerous/malicious" code to a server? If not, I would not see a real security risk in enabling CLR. (But that could very well just be proving a lack of knowledge on my side; as said, I am not an expert.)

    What might be worth considering is that introducing CLR in a database might increase complexity in maintenance and deployment of the software package. If for instance a back-end system is written using T-SQL triggers, functions and stored procedures etc, introducing CLR means introducing another developing language for which knowledge needs to be available in order to maintain the software.

    Also, in deployment, using CLR could introduce additional aspects that need to be thought of: besides database code, deployment should also take care of placing the DLLs in the right location and with the proper accessibility, and possibly configuring the server for use of CLR.

    Willem
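
A read-only T-SQL audit of the points raised in the reply above (whether CLR is enabled, and who could realistically deploy unsafe code), as an added example that is not part of the original thread. It assumes it is run in the database that hosts the assembly, by a login allowed to view server and database metadata.

```sql
-- Added example: read-only checks, nothing here changes configuration.

-- 1. Instance settings that decide whether and how CLR code can load.
--    The 'clr strict security' row only exists on SQL Server 2017 and later.
SELECT name, CAST(value_in_use AS int) AS value_in_use
FROM sys.configurations
WHERE name IN (N'clr enabled', N'clr strict security');

-- 2. User assemblies in this database and the permission set each was
--    created with (SAFE_ACCESS, EXTERNAL_ACCESS or UNSAFE_ACCESS).
SELECT a.name,
       a.permission_set_desc,
       USER_NAME(a.principal_id) AS owner_name,
       a.create_date,
       a.modify_date
FROM sys.assemblies AS a
WHERE a.is_user_defined = 1
ORDER BY a.permission_set_desc DESC, a.name;

-- 3. TRUSTWORTHY lets a database owner load EXTERNAL_ACCESS/UNSAFE
--    assemblies without a signed assembly, so record its state.
SELECT name, is_trustworthy_on
FROM sys.databases
WHERE name = DB_NAME();

-- 4. Database principals explicitly allowed to add or change assemblies.
--    Members of db_owner and sysadmin hold these implicitly and will not
--    appear here; review those role memberships separately.
SELECT pr.name, pr.type_desc, pe.permission_name, pe.state_desc
FROM sys.database_permissions AS pe
JOIN sys.database_principals AS pr
  ON pr.principal_id = pe.grantee_principal_id
WHERE pe.permission_name IN (N'CREATE ASSEMBLY', N'ALTER ANY ASSEMBLY');

-- 5. Logins granted the server-level rights needed for the two
--    non-SAFE permission sets.
SELECT pr.name, pr.type_desc, pe.permission_name, pe.state_desc
FROM sys.server_permissions AS pe
JOIN sys.server_principals AS pr
  ON pr.principal_id = pe.grantee_principal_id
WHERE pe.permission_name IN (N'UNSAFE ASSEMBLY', N'EXTERNAL ACCESS ASSEMBLY');
```

Running the same script on development, test and production and comparing the output shows whether the deployment has widened permissions along the way.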

