Application developers in Domain.com create an assembly that contains a CLR function. This CLR function reads data from a spreadsheet, performs some calculations, and returns the data to a SQL Server 2005 computer. You need to register the assembly with SQL Server 2005 by using the CREATE ASSEMBLY statement and the least privileged security permission set. Which permission set should you use?
A.
Default
B.
SAFE
C.
EXTERNAL_ACCESS
D.
UNSAFE
Explanation:
To keep CLR code from running amok, Microsoft created a three-tier security model for how CLR code can be invoked: SAFE, EXTERNAL_ACCESS and UNSAFE. The SAFE permissions set is essentially the same as what a conventional stored procedure would be able to do. It can’t modify anything outside of SQL Server itself. EXTERNAL_ACCESS allows access through .NET to the Registry and the file system. UNSAFE is aptly named. Code marked as UNSAFE can’t do anything, and it should really not be used outside of a debugging or experimental context. Most programmers should never need to use anything higher than EXTERNAL_ACCESS.