Depending on what your CLR Executable needs to do, you might find that SQL Server and the Framework won't let you deploy it until you alter the Project Permission Level settings. I discuss the nitty-gritty details of code safety in another chapter, but I did want to include a brief description of the types of operations that might prevent your code from running as "Safe"the default setting. Consider that all of the examples implemented so far in this chapter have been run as Safe. I expect that your DBA will appreciate you sticking to CLR executables that are "safe," but this might limit the functionality you need to implement in your CLR code. The other settings allow your application more freedom in what it can do. However, with that freedom comes more responsibility. Under some circumstances, an "Unsafe" CLR executable can bring down SQL Server and the system itself. The three possible settings are:
I also want to quote from the documentationjust to be sure you see this warning in Microsoft's own words:
To this warning, I would like to add that the designations are really backward. That is, "safe" code is really totally untrusted. Because it's untrusted, it won't be permitted to do anything, access anything, or branch anywhere that would cause damage (other than writing garbage to the database, dropping objects, and doing other harm with the scope of the rights granted the user executing the code. On the other hand "Unsafe" code must be totally trusted. Because it's trusted, it is permitted to do anything, anywhere on your system or any system in sight. Exposing Your Intellectual PropertyBy default, Visual Studio 2005 saves the source code for your executable into the system catalogs along with the binary DLL. This means that anyone with access to the deployed database can do something like this (as shown in Figure 13.109):[25]
Figure 13.109. Extracting the source code for a deployed CLR executable.
Okay, now that the data is returned, it's simply a matter of selecting the source from the returned content, saving it to a .VB file, and opening the .VB (or .CS) file with Visual Studio. There, you will see the entire source filecomments and all. Sigh. This means that database you deployed with your CLR executables in place has also given away your business's intellectual property. Why is this? Well, take a look at the output from a typical build (as shown in Figure 13.110). Figure 13.110. The result of a typical build.
Notice that the source code (the .vb file), as well as the binary (.dll) and all of the other files, Visual Studio uses to manage your project are written to the database catalogs. Protecting Your Intellectual PropertySo, how do you protect your IP? Well, according to Microsoft, you can't use Visual Studio to deploy your CLR executableyou'll have to build your own deployment scripts. I'm going to leave the details about how to do this to your DBA. Let's just say that you can get started in this process by scripting the deployed assembly and executable, dropping the assembly and all dependencies, and editing the CREATE ASSEMBLY scriptremoving the ADD FILE statements, as shown in Figure 13.111. Figure 13.111. The unaltered CREATE ASSEMBLY script.Sure, the CREATE ASSEMBLY T-SQL function can take the name of your DLL file, so you don't have to type in the binary representation of the executableunless you're being paid by the hour. |