SQLCLR vs SQL Server 2017, Part 9: Does PERMISSION_SET Still Matter, or is Everything Now UNSAFE?

For SQLCLR in SQL Server 2017 and newer, when "CLR strict security" is enabled, does PERMISSION_SET matter, or are assemblies always UNSAFE?

Safely and Easily Use High-Level Permissions Without Granting Them to Anyone: Database-level

Come see how easy it truly is to "grant" high-level permissions in the safest, most granular, most controllable way.

SQLCLR vs. SQL Server 2012 & 2014 & 2016, Part 7: “CLR strict security” – The Problem Continues … in the Past (Wait, What?!?)

Using SQLCLR on SQL Server 2012, 2014, or 2016? Jealous of the "fun" those on SQL 2017 are having with "CLR strict security"? Come see how you can join the party 😼

Safely and Easily Use High-Level Permissions Without Granting Them to Anyone: Server-level

Come see how easy it truly is to "grant" high-level permissions in the safest, most granular, most controllable way.

PLEASE, Please, please Stop Using Impersonation, TRUSTWORTHY, and Cross-DB Ownership Chaining

Module Signing was introduced in SQL Server 2005, and yet people are still using Impersonation and TRUSTWORTHY. This needs to stop.

SQLCLR vs. SQL Server 2017, Part 6: “Trusted Assemblies” – Whitelisted Assemblies can’t do Module Signing

"Trusted Assemblies", a new feature starting in SQL Server 2017, is a means of whitelisting Assemblies that one feels pose no threat, and can be created (and used) without needing to be a) signed and b) have a corresponding signature-based Login that has been granted the UNSAFE ASSEMBLY permission. In Part 4 of this series… Continue reading SQLCLR vs. SQL Server 2017, Part 6: “Trusted Assemblies” – Whitelisted Assemblies can’t do Module Signing

SQLCLR vs. SQL Server 2017, Part 2: “CLR strict security” – Solution 1

As mentioned in Part 1 of this "SQLCLR vs. SQL Server 2017" series, the new clr strict security server-level configuration option requires that in order to create any Assembly, even a SAFE one, it must be signed (by a Certificate or Strong Name Key), and there must already exist a corresponding Login, based on the… Continue reading SQLCLR vs. SQL Server 2017, Part 2: “CLR strict security” – Solution 1

SQLCLR vs. SQL Server 2017, Part 1: “CLR strict security” – The Problem

The Good, the Bad, and the Ugle̅e̅ (need to avoid copyright infringement 😉 ) (last updated: 2018-10-22 @ 10:40 EDT / 2018-10-22 @ 14:40 UTC ) SQL Server 2017 is soon to be officially released (i.e. RTM) and there are some impressive changes, with some being impressively good, and some being impressively bad. The Good… Continue reading SQLCLR vs. SQL Server 2017, Part 1: “CLR strict security” – The Problem