Sign up for the ITPro Today newsletter
Stay on top of the IT universe with commentary, news analysis, how-to's, and tips delivered to your inbox daily.
Limiting Security Risks of Running .NET on SQL Server
Learn how to mitigate the risks associated with .NET on SQL Server
William Sheldon
March 28, 2006
1 Min Read
Does running Microsoft .NET on SQL Server open a whole new set of security risks?
Not really, unless you choose to allow security problems to occur. The first layer of defense is that .NET isn't enabled when you install SQL Server. The next layer of defense has to do with how much power you choose to expose; allowing .NET in SQL Server to call out to Web Services could expose your database engine to a host of problems. But keeping your .NET code-access capabilities ratcheted down to safe level ensures that .NET won't crash your server while still letting you leverage the advantages of .NET on your server. (When you load an assembly into SQL Server, you have three potential security levels: safe, unsafe, and external. You should usually use safe, but when you need limited access to the local file system, Web services or another database, you can use the external setting. I strongly discourage the use of unsafe code.)
About the Author(s)
You May Also Like
.jpg?width=700&auto=webp&quality=80&disable=upscale)
.jpg?width=700&auto=webp&quality=80&disable=upscale)
