topic Re: ST_Raster is a security Risk? Why? in ArcGIS Enterprise Questions

ST_Raster is a security Risk? Why?

ThomasColson — Sat, 11 Dec 2021 21:11:28 GMT

Apparently, when enabling ArcGIS Help 10.1 ST_Raster in SQL 2008/12 SDE (10.2 or 10.3) databases, the assembly is set to "Unsafe" by default. Attempts to set it to "Safe" result in

Msg 6218, Level 16, State 2, Line 3
CREATE ASSEMBLY for assembly 'libst_raster_sql' failed because assembly 'libst_raster_sql' failed verification. Check if the referenced assemblies are up-to-date and trusted (for external_access or unsafe) to execute in the database. CLR Verifier error messages if any will follow this message
[ : <Module>::.cctor][mdToken=0x6000eeb][offset 0x00000000] initlocals must be set for verifiable methods with one or more local variables.
[ : <Module>::_atexit_m][mdToken=0x6000008][offset 0x00000000] Unmanaged pointers are not a verifiable type.
[ : <Module>::atexit][mdToken=0x6000009][offset 0x00000000] Unmanaged pointers are not a verifiable type.
[ : <Module>::?A0x06aa64bb.??__E?A0x06aa64bb@RCS_Tag@@YMXXZ][mdToken=0x600000b][offset 0x00000000] Cannot modify an imaged based (RVA) static
[ : <Module>::FileSearchNode.{ctor}][mdToken=0x600000c][offset 0x00000000] Unmanaged pointers are not a verifiable type.
[ : <Module>::FileSearchNode.__vecDelDtor][mdToken=0x600000d][offset 0x00000005] Unmanaged pointers are not a verifiable type.
[ : <Module>::FileSearchNode.__vecDelDtor][mdToken=0x600000d][offset 0x0000002B] Unmanaged pointers are not a verifiable type.
[ : <Module>::FileSearchNode.{dtor}][mdToken=0x600000e][offset 0x00000000] Unmanaged pointers are not a verifiable type.
[ : <Module>::FileSearchNode.reset][mdToken=0x600000f][offset 0x00000000] Unmanaged pointers are not a verifiable type.
[ : <Module>::FileSearchNode.alloc][mdToken=0x6000010][offset 0x00000001] Unmanaged pointers are not a verifiable type.
[ : <Module>::?A0x06aa64bb.??__E??_R0PEAD@8@@YMXXZ][mdToken=0x6000011][offset 0x0000000A][found address of value '<CppImplementationDetails>.$ArrayType$$$BY01Q6MXXZ'][expected address of Long] Unexpected type on the stack.
[ : <Module>::?A0x06aa64bb.??__E??_R0PEAD@8@@YMXXZ][mdToken=0x6000011][offset 0x0000000A][found address of value '<CppImplementationDetails>.$ArrayType$$$BY01Q6MXXZ'] Unexpected type on the stack.
[ : <Module>::?A0x06aa64bb.??__E??_R0PEAX@8@@YMXXZ][mdToken=0x6000012][offset 0x0000...

That surely can't be the case?!?!??! We'll be other-than-ESRI database app customers pretty quickly if we can't use SDE to store 50% of our data.....instructions, as per Install ST_Raster in SQL Server—Help | ArcGIS for Desktop , such as installing it as sysadmin, have been followed. Still an unsafe assembly.

The ESRI-provided SQL script to register the assembly includes these lines, which are both security holes.

CREATE ASSEMBLY esri_raster FROM '$(st_raster_path)' WITH permission_set=UNSAFE
.....
EXEC sp_configure 'clr enabled',1

Some shifting of IT security winds are putting a lot of scrutiny on stuff like CLR and unsafe assemblies, not sure why ESRI would push out a product, that pretty soon, no one is going to be able to use due to stuff like this.

Re: ST_Raster is a security Risk? Why?

George_Thompson — Mon, 15 Jun 2015 11:29:36 GMT

Hi Thomas,

I would recommend that you create a case with Technical Support to have this looked into in more detail.

Here is the reference to the other GeoNet post: https://community.esri.com/thread/120204

Thanks!

George T.

Geodatabase Enterprise GIS

Re: ST_Raster is a security Risk? Why?

ThomasColson — Tue, 16 Feb 2016 12:09:50 GMT

I see this isn't fixed with 10.4. http://downloads.esri.com/support/downloads/other_/104-IssuesAddressedList.pdf How could something as simple as digitally signing a dll be so hard for Esri?

Re: ST_Raster is a security Risk? Why?

George_Thompson — Tue, 16 Feb 2016 13:50:52 GMT

Hi Thomas,

I would recommend filling out this form: Report a Security Concern | ArcGIS

Also feel free to visit Trust | ArcGIS with any security related concerns.

Did you ever open a support case?

-George

Re: ST_Raster is a security Risk? Why?

ThomasColson — Thu, 18 Feb 2016 15:11:07 GMT

Yes, on both counts. No response, on both counts.

Re: ST_Raster is a security Risk? Why?

JoshuaBixby — Thu, 18 Feb 2016 15:14:24 GMT

Not surprising, but a sad state of affairs nonetheless.

Re: ST_Raster is a security Risk? Why?

George_Thompson — Thu, 18 Feb 2016 15:18:12 GMT

Thomas,

I just checked and the case that you logged back in Sept of 2015 had an enhancement logged.

It has been closed as a Known Limit:

ST_Raster uses external Win32 APIs for the Esri projection engine and spatial reference system. SAFE permissions cannot access external resources.

Hope this help clear up some of the confusion.

-George