January 27, 2006 at 1:52 pm
Hello,
I found a difference between CTP and RTM when running a stored procedure based on an assembly with UNSAFE permission set. In RTM you have additionally specify the database option TRUSTWORTHY to be ON to be able to run your code. I also found that the following statement from BOL is not exactly correct.
ms-help://MS.SQLCC.v9/MS.SQLSVR.v9.en/denet9/html/05d7a471-c5d5-4730-b903-e4edc8157bb4.htm
SQL Server 2005 Books Online |
CLR Integration Security |
It says that if the permission set is UNSAFE then:
The execution context corresponds to a SQL Server login. | Attempts to access external resources are denied and a security exception is raised. |
The execution context corresponds to a Windows login and the execution context is the original caller. | The external resource is accessed under the security context of the SQL Server service account. |
I tried that and yes, Windows login was able to run the UNSAFE code, but a low-privileged db_datareader SQL Server login with the Execute permissions on the Unsafe assembly-based stored procedure was also able to run this procedure and log records to Event Log and the text file.
Regards,Yelena Varsha
January 30, 2006 at 8:00 am
This was removed by the editor as SPAM
Viewing 2 posts - 1 through 1 (of 1 total)
You must be logged in to reply to this topic. Login to reply