May 2, 2014 at 6:25 am
Hi,
I verified one of the vendor database which was hosted 2 months back.
There are total 96 CLR_SCALAR_FUNCTION and CLR_STORED_PROCEDURE are created at database side..
But all objects are accessing UNSAFE mode.. Is it really required this unsafe permission for all object?
It may using system resource, dlls and registry level. Pls. guide me for how can ask to vendor to change the SAFE or External access from UNSAFE?
Version - SQL 2008 R2 64 bit
DotNet - 3.5
Thanks
ananda
May 2, 2014 at 7:06 am
for my personal CLR collection, the UNSAFE/EXTERNAL/SAFE designation is assigned at the project (dll) level, and not against individual procedures/functions.
So all my CLR's are under a single project. that project has 30-40 procs or functions in it; but actually only a few really required UNSAFE settings to work.
the problem is, to make some of them SAFE, and some UNSAFE, and some just EXTERNAL, you need multiple projects...pull out the safe ones into one project, leave the unsafe ones in the other, etc;
taken to the extreme, your example would require pulling out each of the 96 items to their own 96 projects to evaluate whether they really need UNSAFE or not; I'd expect a lot of push back against something like that.
maybe you could just review the code itself for mischief; i think a knee jerk reaction of "UNSAFE == bad" might not be the right approach.
Lowell
Viewing 3 posts - 1 through 2 (of 2 total)
You must be logged in to reply to this topic. Login to reply