What is the CLR integration on SQL Server?
Included in SQL Server 2005, the CLR is the heart of the Microsoft .NET framework.
The common language runtime (CLR), also know as SQLCLR, allows you to create database objects (functions, triggers, store procedures, etc.) using .Net Framework (managed code).
CLR integration offers the potential for improved performance.
Managed code is better suited than Transact-SQL for some complex tasks, including string handling and regular expressions. Using the functionality found in the .NET Framework Library, you can have access to thousands of pre-built classes and routines.
By the way, this check is a part of our SQL Server Health Check service.
Why should you care about it?
Many developers who implemented SQL CLR procedures (or other objects) do not understand the consequences of running assemblies in modes other than in the safe mode.
Assemblies created with UNSAFE permission can perform actions that can compromise the security features within the operating system or the SQL Server instance.
How can I check if CLR is enabled?
You can use the script below to check if CLR feature is enabled.
SELECT case when value = 0 then 'Not Enabled' ELSE 'Enabled' END AS Result
FROM sys.configurations
WHERE name = 'clr enabled'
How can I fix it?
You can disabled it running the fallowing script:
sp_configure 'clr enabled', 0
GORECONFIGUREGO
If you need CLR enabled on your SQL Server, it is strongly recommended (best practices) setting CLR strict security to 1.
Upgrading to a newer version of SQL gives you better security options.
More information
Microsoft – Update adds the “CLR strict security” feature to SQL Server.
Microsoft – CLR Integration Code Access Security
Sifiso W. Ndlovu, Impact of CLR Strict Security configuration setting in SQL Server 2017 – SQLShack.
Let our expert SQL Server Consulting team handle the technical complexities, so you can focus on driving your business forward with confidence.
