Browse by Tags
All Tags »
CAS (
RSS)
I've seen quite a few articles over the past few months that make the assumption that one can only connect to the hosting database from SQLCLR code running at the SAFE permission level. I can't seem to find any official MSDN documentation that would directly...
Odd exceptions at odd times If you apply a PrincipalPermission attribute to a class in order to restrict the users and/or roles that are permitted to use the class, you may start seeing security exceptions like the following being thrown at unexpected...
Surprise! User instances are a new capability of SQL Server 2005 (Express edition only) that are supposedly intended to allow non-admins to attach database files without requiring additional permissions. This actually works just fine and, at first glance...
I'd been hoping that the details of the SQL CLR CAS permission sets might make it into the SQL Server Books Online or other relevant documentation by the RTM timeframe. Unfortunately, I can't seem to find anything that even begins to resemble a listing...
Finally wrapping up my rebuttal of Shawn's listing of reasons for forcing full trust of assemblies in the GAC... 6.a) "Based upon the assumption that GACed assemblies are receiving FullTrust, tools such as NGEN can have simpler code paths around security...
Continuing with my rebuttal of Shawn's listing of reasons for forcing full trust of assemblies in the GAC... 4. "If an application is hosting the CLR, it has the ability to protect itself from assemblies it doesn't trust to load. For instance, SQL Server...
Continuing with my rebuttal of Shawn's listing of reasons for forcing full trust of assemblies in the GAC... 3.a) "Since you have to be an administrator in order to add an assembly to the GAC, it is already considered special from a security standpoint...
Continuing with my rebuttal of Shawn's listing of reasons for forcing full trust of assemblies in the GAC... 2.a) "By side-effect, assemblies in the GAC did already receive FullTrust." Under default policy only. I'd be one of the first to argue that this...
After introducing a Microsoft plan to force full trust all assemblies in the GAC, Shawn Farkas posted follow-up inviting further feeback. Included in his post are six points explaining some of the reasoning behind the change. In my opinion, none of these...
This post is in response to a Microsoft plan to force full trust all assemblies in the GAC regardless of CAS policy settings. CAS Imagine for a moment that you could find an "intro to CAS" document from Microsoft that gives a simple, clear statement of...
This post is in response to a Microsoft plan to force full trust all assemblies in the GAC regardless of CAS policy settings. For some time now, I've been rather disappointed with the view of code trustworthiness that seems to be generally espoused at...