Trading in xp_cmdshell for SQLCLR (Part 1) - List Directory Contents


Jonathan Kehayias
Comments posted to this topic are about the item Trading in xp_cmdshell for SQLCLR (Part 1) - List Directory Contents

Jonathan Kehayias | Principal Consultant | MCM: SQL Server 2008
My Blog | Twitter | MVP Profile
Training | Consulting | Become a SQLskills Insider
Troubleshooting SQL Server: A Guide for Accidental DBAs
Carleton
Thanks Jonathan for this very timely article! Can you advise whether this CLR function will work for UNC paths?

Thanks,
Carleton
Phil Factor
I thought the install script for this CLR routine was nicely done, and very useful. The Asymmetric Key side is so often left out.

I can see why a CLR routine is better than your xp_cmdshell routine. As I see it, it will only work on a specific version of the operating system, with a specific date format. Surely, anyone actually trying to use this code will get in a pickle. Another problem you'll come across is the nesting of the INSERT INTO ... EXEC. It seems unfair to use it as a comparison to the CLR routine, since there are ways around the specificity of the code.

I'm puzzling over the CLR routine. I can't see how you handle the exception that happens when an invalid path is passed to DirectoryInfo. As far as I can see, a .NET exception is thrown and just falls back into SQL Server. How does the calling code handle this? The DOS version will politely send back a 'file not found' (depending on language setting etc.) but your CLR routine would surely just barf. Am I missing something?


Best wishes,

Phil Factor
Simple Talk
Jonathan Kehayias
Carleton (2/5/2009)
Thanks Jonathan for this very timely article! Can you advise whether this CLR function will work for UNC paths?

Thanks,
Carleton


As long as the SQL Service Account has access to the UNC path, yes. If security needs further abstraction, a Windows user could be explicitly impersonated in code to allow only specific users access to the UNC paths as well.

Jonathan Kehayias
Phil Factor (2/5/2009)
I thought the install script for this CLR routine was nicely done, and very useful. The Asymmetric Key side is so often left out.

I can see why a CLR routine is better than your xp_cmdshell routine. As I see it, it will only work on a specific version of the operating system, with a specific date format. Surely, anyone actually trying to use this code will get in a pickle. Another problem you'll come across is the nesting of the INSERT INTO ... EXEC. It seems unfair to use it as a comparison to the CLR routine, since there are ways around the specificity of the code.

I'm puzzling over the CLR routine. I can't see how you handle the exception that happens when an invalid path is passed to DirectoryInfo. As far as I can see, a .NET exception is thrown and just falls back into SQL Server. How does the calling code handle this? The DOS version will politely send back a 'file not found' (depending on language setting etc.) but your CLR routine would surely just barf. Am I missing something?


Phil,

Since I never write bad code, I would never provide it a bad path. ;)

Actually you raise a good point and I'll take a look at how to make it smarter and provide an update script here in comments later on.

katesl
What is the name for the window with horizontal scroll bar in which the code is presented? Text of article -- window with code -- more article text -- another window ... In every article on sqlservercentral.com that I have read that uses the windows to present code, the windows display less than an inch wide and can't be stretched. Scrolling doesn't help when the window displays less than an inch at a time. Is this window method of setting off the code within the article discussion an improvement on simply using whitespace and switching between fonts? No.

I haven't copied the code from each of the windows and pasted it into a document where I can read it, so I haven't learned from this article. It is CLR, though, that use of CLR makes it harder for a SQL Server administrator to see what's going on with their SQL Server. A SQL Server administrator can see instantly whether xp_cmdshell is enabled, knows the implications of this, and can use T-SQL to find all stored procs with the string 'xp_cmdshell'. Security decisions that aren't transparent to the SQL Server administrator two years down the road when the clever application developer has gone elsewhere are not usually supported. If an application feature causes problems because the administrator doesn't understand it, they often rewrite that feature, calling the rewrite a patch.

_________________
"Look, those sheep have been shorn."
data analyst replies, "On the sides that we can see.."
Phil Factor
use of CLR makes it harder for a SQL Server administrator to see what's going on with their SQL Server.

Yes, agreed! However, I've recently started using .NET Reflector with an add-in that allows you to see the source of all the CLR routines currently in the database.
http://www.denisbauer.com/NETTools/SQL2005Browser.aspx
It is a joy to use and it means that the D**ned developers can't hide their code from you, particularly as you can decompile it into VB or C# and save the source to a file. Power to the DBA!


Best wishes,

Phil Factor
Simple Talk
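
The visibility concern in the two posts above can also be checked from T-SQL alone, using the catalog views. The queries below are an added example, not code from the article or from anyone in this thread; they assume SQL Server 2005 or later and are run in the database being audited (the last one reads server-level metadata).

```sql
-- 1. Server-wide switches: is xp_cmdshell or CLR execution enabled?
SELECT name, CAST(value_in_use AS int) AS value_in_use
FROM sys.configurations
WHERE name IN (N'xp_cmdshell', N'clr enabled');

-- 2. T-SQL modules in this database whose source mentions xp_cmdshell.
--    [_] matches a literal underscore instead of the LIKE wildcard.
SELECT OBJECT_SCHEMA_NAME(m.object_id) AS schema_name,
       OBJECT_NAME(m.object_id)        AS object_name
FROM sys.sql_modules AS m
WHERE m.definition LIKE N'%xp[_]cmdshell%';

-- 3. User-defined CLR assemblies, least restricted first
--    (permission_set: 3 = UNSAFE, 2 = EXTERNAL_ACCESS, 1 = SAFE).
SELECT a.name, a.permission_set_desc, a.clr_name,
       a.create_date, a.modify_date
FROM sys.assemblies AS a
WHERE a.is_user_defined = 1
ORDER BY a.permission_set DESC, a.name;

-- 4. Procedures, functions and triggers implemented by those assemblies,
--    with the .NET class and method each one maps to.
SELECT a.name                           AS assembly_name,
       a.permission_set_desc,
       OBJECT_SCHEMA_NAME(am.object_id) AS schema_name,
       o.name                           AS object_name,
       o.type_desc,
       am.assembly_class,
       am.assembly_method
FROM sys.assembly_modules AS am
JOIN sys.assemblies AS a ON a.assembly_id = am.assembly_id
JOIN sys.objects    AS o ON o.object_id   = am.object_id
WHERE a.is_user_defined = 1
ORDER BY a.permission_set DESC, assembly_name, object_name;

-- 5. Logins mapped to asymmetric keys (type 'K') that hold the server
--    permissions needed to load non-SAFE assemblies.
SELECT sp.name AS login_name, p.permission_name, p.state_desc
FROM sys.server_principals  AS sp
JOIN sys.server_permissions AS p
  ON p.grantee_principal_id = sp.principal_id
WHERE sp.type = 'K'
  AND p.permission_name IN (N'EXTERNAL ACCESS ASSEMBLY', N'UNSAFE ASSEMBLY');
```

Any row from query 3 or 4 with EXTERNAL_ACCESS or UNSAFE marks code that can reach outside the database engine, which is the same review question an administrator asks of xp_cmdshell.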
katesl
Thank you, Phil Factor! I will be sure to keep the link to .NET Reflector where I can find it quickly. Now, can you explain those windows? What is wrong with them? Does the author of an article know the code is going to display inside a window less than an inch wide?

Jack Corbett
katesl (2/5/2009)
Now, can you explain those windows? What is wrong with them? Does the author of an article know the code is going to display inside a window less than an inch wide?


What browser are you using? Firefox is rendering the code blocks correctly on my PC. So it is likely a browser or setting issue. IE 8 also displays them correctly.

Jonathan,

Nice article. Replacement of xp_cmdshell is an excellent reason for using the CLR. Although I have never used xp_cmdshell in any of the databases I have worked on.

I would imagine another place to use the CLR would be to replace use of sp_OA... procedures.



Jack Corbett

Applications Developer

Don't let the good be the enemy of the best. -- Paul Fleming
At best you can say that one job may be more secure than another, but total job security is an illusion. -- Rod at work

katesl
Browser is IE 6 - Windows 2000 Server SP4 -- this is my machine for maintaining legacy applications.

My standard for application design is NOT to have to step outside to find out why it's displaying that way. If the article is not presented clearly, I can comment on that.
