I’ve seen quite a few articles over the past few months that make the assumption that one can only connect to the hosting database from SQLCLR code running at the SAFE permission level. I can’t seem to find any official MSDN documentation that would directly reinforce this misconception, so I’m guessing that it stems from the limitation of the SqlClientPermission at the SAFE level to only allow use of the following connection strings (with optional specification of the Type System Version parameter): context connection=trueorcontext connection=yes Unfortunately, the documentation for the SqlClientPermission.Add method is a wee bit ambiguous with respect to … Continue reading Hopping databases from the SAFE SQLCLR permission level
Surprise! User instances are a new capability of SQL Server 2005 (Express edition only) that are supposedly intended to allow non-admins to attach database files without requiring additional permissions. This actually works just fine and, at first glance, it probably strikes most folks as a lovely least-privilege accomodation. The unfortunate bit that might not be immediately obvious to the casual user is that this is accomplished by granting the connecting user sysadmin privilege over his user instance. This means that every connection to a user instance is a connection running as sysadmin. So… What’s so bad about connecting as sysadmin? … Continue reading Secure by de…what?
I’d been hoping that the details of the SQL CLR CAS permission sets might make it into the SQL Server Books Online or other relevant documentation by the RTM timeframe. Unfortunately, I can’t seem to find anything that even begins to resemble a listing of the permissions, never mind coverage of some of the pickier details of their assessment and consequences. I’d already started trying to investigate some of this on my own during the beta and, after spending a bit more time with the RTM build (i.e.: pretty much wasting a perfectly good Saturday), here’s what I think I’ve … Continue reading Speculations on the suprisingly under-documented world of SQL CLR CAS permission grants