title

Breaking Changes to Database Engine Features in SQL Server 2017 | Microsoft Docs

description

Breaking changes to Database Engine Features in SQL Server 2017

ms.date

11/27/2018

ms.prod

sql

ms.prod_service

high-availability

ms.reviewer

ms.custom

ms.technology

release-landing

ms.topic

conceptual

helpviewer_keywords

breaking changes 2017 [SQL Server]

ms.assetid

author

MikeRayMSFT

ms.author

mikeray

manager

jroth

monikerRange

>=sql-server-2017||=sqlallproducts-allversions||>=sql-server-linux-2017

Breaking Changes to Database Engine Features in [!INCLUDEsssqlv14-md]

[!INCLUDEtsql-appliesto-ss2017-xxxx-xxxx-xxx-md]

This topic describes breaking changes in the [!INCLUDEsssqlv14-md] [!INCLUDEssDE]. These changes might break applications, scripts, or functionalities that are based on earlier versions of [!INCLUDEssNoVersion]. You might encounter these issues when you upgrade.

Breaking Changes in [!INCLUDEsssqlv14-md] [!INCLUDEssDE]

CLR uses Code Access Security (CAS) in the .NET Framework, which is no longer supported as a security boundary. Beginning with [!INCLUDEsssqlv14-md][!INCLUDEssDE], an sp_configure option called clr strict security is introduced to enhance the security of CLR assemblies. clr strict security is enabled by default, and treats SAFE and EXTERNAL_ACCESS CLR assemblies as if they were marked UNSAFE. The clr strict security option can be disabled for backward compatibility, but this is not recommended. When clr strict security is disabled, a CLR assembly created with PERMISSION_SET = SAFE may be able to access external system resources, call unmanaged code, and acquire sysadmin privileges. After enabling strict security, any assemblies that are not signed will fail to load. Also, if a database has SAFE or EXTERNAL_ACCESS assemblies, RESTORE or ATTACH DATABASE statements can complete, but the assemblies may fail to load.
To load the assemblies, you must either alter or drop and recreate each assembly so that it is signed with a certificate or asymmetric key that has a corresponding login with the UNSAFE ASSEMBLY permission on the server. For more information, see CLR strict security.

Previous Versions

Archived Documentation for Very Old Versions of SQL Server

[!INCLUDEArchived documentation for very old versions of SQL Server]

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Breaking Changes to Database Engine Features in [!INCLUDEsssqlv14-md]

Breaking Changes in [!INCLUDEsssqlv14-md] [!INCLUDEssDE]

Previous Versions

Archived Documentation for Very Old Versions of SQL Server

See Also

FilesExpand file tree

breaking-changes-to-database-engine-features-in-sql-server-2017.md

Latest commit

History

breaking-changes-to-database-engine-features-in-sql-server-2017.md

File metadata and controls

Breaking Changes to Database Engine Features in [!INCLUDEsssqlv14-md]

Breaking Changes in [!INCLUDEsssqlv14-md] [!INCLUDEssDE]

Previous Versions

Archived Documentation for Very Old Versions of SQL Server

See Also