Re: code access security



thanks alberto

I had already tried the ACCESS EXTERNAL route - but that gives me a compile
time error :

Error 1 CREATE ASSEMBLY for assembly 'GmsSqlClr' failed because assembly
'GmsSqlClr' is not authorized for PERMISSION_SET = EXTERNAL_ACCESS. The
assembly is authorized when either of the following is true: the database
owner (DBO) has EXTERNAL ACCESS ASSEMBLY permission and the database has the
TRUSTWORTHY database property on; or the assembly is signed with a
certificate or an asymmetric key that has a corresponding login with
EXTERNAL ACCESS ASSEMBLY permission. If you have restored or attached this
database, make sure the database owner is mapped to the correct login on
this server. If not, use sp_changedbowner to fix the problem. GmsSqlClr

The dbo ( me ) does have EXTERNAL ACCESS permissions and the db is set as
TRUSTWORTHY and the assembly is signed but still no sugar.
Although regarding signing, I am not sure about the "corresponding login"
bit - how is a login associated with a key and how do I find out who it is ?
I would assume that login would be me as I am the one created the key.

Since this is to be used in an isolated/controlled envirnment - is there any
way to just shut CAS off altogether ?

Gerry


"Alberto Poblacion" <earthling-quitaestoparacontestar@xxxxxxxxxxxxx> wrote
in message news:%23U%23oJvY6JHA.1424@xxxxxxxxxxxxxxxxxxxxxxx
"gerry" <germ2@xxxxxxxxxxxxxxxx> wrote in message
news:ObD4BPU6JHA.1372@xxxxxxxxxxxxxxxxxxxxxxx
vs2008 sp1
.net 3.5sp1

I am taking a 1st stab at SQLCLR and after years of .net development have
finally run into CAS.

Trying to access Environment.MachineName() generates the following
exception :

Request for the permission of type
'System.Security.Permissions.EnvironmentPermission, mscorlib,
Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089'
failed.

Google turns up lots of hits for this but so far nothing that explains
how to get around it.

So now I am looking for sources on handling these types of security
issues.

Basically, Sql Server is creating an AppDomain in which it loads your
code. The permissions that it grants to the AppDomain are restricted by
default, and that's why your code doesn't have the EnvironmentPermission.

The way around it, in this case, is to request more permissions from
Sql Server when you install your assembly. When you execute the CREATE
ASSEMBLY statement to install your assembly into the database, add the
"... WITH PERMISSION_SET = EXTERNAL_ACCESS" clause. This will grant
EnvironmentPermission to this assembly.



.