
ST_Raster is a security Risk? Why?

Question asked by tpcolson Champion on Jun 13, 2015
Latest reply on Feb 18, 2016 by George_Thompson-esristaff

Apparently, when enabling ArcGIS Help 10.1 ST_Raster in SQL 2008/12 SDE (10.2 or 10.3) databases, the assembly is set to "Unsafe" by default. Attempts to set it to "Safe" result in:

Msg 6218, Level 16, State 2, Line 3
CREATE ASSEMBLY for assembly 'libst_raster_sql' failed because assembly 'libst_raster_sql' failed verification. Check if the referenced assemblies are up-to-date and trusted (for external_access or unsafe) to execute in the database. CLR Verifier error messages if any will follow this message
[ : <Module>::.cctor][mdToken=0x6000eeb][offset 0x00000000] initlocals must be set for verifiable methods with one or more local variables.
[ : <Module>::_atexit_m][mdToken=0x6000008][offset 0x00000000] Unmanaged pointers are not a verifiable type.
[ : <Module>::atexit][mdToken=0x6000009][offset 0x00000000] Unmanaged pointers are not a verifiable type.
[ : <Module>::?A0x06aa64bb.??__E?A0x06aa64bb@RCS_Tag@@YMXXZ][mdToken=0x600000b][offset 0x00000000] Cannot modify an imaged based (RVA) static
[ : <Module>::FileSearchNode.{ctor}][mdToken=0x600000c][offset 0x00000000] Unmanaged pointers are not a verifiable type.
[ : <Module>::FileSearchNode.__vecDelDtor][mdToken=0x600000d][offset 0x00000005] Unmanaged pointers are not a verifiable type.
[ : <Module>::FileSearchNode.__vecDelDtor][mdToken=0x600000d][offset 0x0000002B] Unmanaged pointers are not a verifiable type.
[ : <Module>::FileSearchNode.{dtor}][mdToken=0x600000e][offset 0x00000000] Unmanaged pointers are not a verifiable type.
[ : <Module>::FileSearchNode.reset][mdToken=0x600000f][offset 0x00000000] Unmanaged pointers are not a verifiable type.
[ : <Module>::FileSearchNode.alloc][mdToken=0x6000010][offset 0x00000001] Unmanaged pointers are not a verifiable type.
[ : <Module>::?A0x06aa64bb.??__E??_R0PEAD@8@@YMXXZ][mdToken=0x6000011][offset 0x0000000A][found address of value '<CppImplementationDetails>.$ArrayType$$$BY01Q6MXXZ'][expected address of Long] Unexpected type on the stack.
[ : <Module>::?A0x06aa64bb.??__E??_R0PEAD@8@@YMXXZ][mdToken=0x6000011][offset 0x0000000A][found address of value '<CppImplementationDetails>.$ArrayType$$$BY01Q6MXXZ'] Unexpected type on the stack.
[ : <Module>::?A0x06aa64bb.??__E??_R0PEAX@8@@YMXXZ][mdToken=0x6000012][offset 0x0000...

That surely can't be the case?!?!??! We'll be other-than-ESRI database app customers pretty quickly if we can't use SDE to store 50% of our data..... Instructions, as per Install ST_Raster in SQL Server—Help | ArcGIS for Desktop, such as installing it as sysadmin, have been followed. Still an unsafe assembly.


The ESRI-provided SQL script to register the assembly includes these lines, which are both security holes.

CREATE ASSEMBLY esri_raster FROM '$(st_raster_path)' WITH permission_set=UNSAFE
.....
EXEC sp_configure 'clr enabled',1

 

Some shifting of IT security winds is putting a lot of scrutiny on stuff like CLR and unsafe assemblies; not sure why ESRI would push out a product that, pretty soon, no one is going to be able to use due to stuff like this.
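For a security review of the configuration described in this question, the following T-SQL is an added example (not part of the original post and not Esri's script) that inventories what the registration leaves behind: the instance-wide `clr enabled` setting, the database's TRUSTWORTHY flag, and every user-defined assembly with its permission set and the SQL objects and types bound to it. It uses only standard SQL Server catalog views and assumes it is run in the geodatabase where ST_Raster was installed.

```sql
-- Added audit example: run in the database that holds the ST_Raster assembly.

-- 1. Instance-wide switch that the registration script turns on.
SELECT name, CAST(value_in_use AS int) AS value_in_use
FROM sys.configurations
WHERE name = N'clr enabled';

-- 2. TRUSTWORTHY flag and owner of the current database. An UNSAFE assembly
--    that is not signed relies on this flag being ON.
SELECT d.name, d.is_trustworthy_on, SUSER_SNAME(d.owner_sid) AS owner_login
FROM sys.databases AS d
WHERE d.database_id = DB_ID();

-- 3. Every user-defined assembly and its permission set.
--    permission_set: 1 = SAFE, 2 = EXTERNAL_ACCESS, 3 = UNSAFE
SELECT a.name, a.permission_set_desc, a.clr_name,
       USER_NAME(a.principal_id) AS owner_name,
       a.create_date, a.modify_date
FROM sys.assemblies AS a
WHERE a.is_user_defined = 1
ORDER BY a.permission_set DESC;

-- 4. Functions, procedures and triggers implemented by non-SAFE assemblies.
SELECT a.name AS assembly_name, a.permission_set_desc,
       OBJECT_SCHEMA_NAME(m.object_id) AS schema_name,
       OBJECT_NAME(m.object_id) AS object_name,
       m.assembly_class, m.assembly_method
FROM sys.assemblies AS a
JOIN sys.assembly_modules AS m ON m.assembly_id = a.assembly_id
WHERE a.is_user_defined = 1
  AND a.permission_set <> 1;

-- 5. CLR user-defined types (ST_Raster is registered as a type) backed by
--    non-SAFE assemblies.
SELECT a.name AS assembly_name, a.permission_set_desc,
       SCHEMA_NAME(t.schema_id) AS schema_name,
       t.name AS type_name, t.assembly_class
FROM sys.assemblies AS a
JOIN sys.assembly_types AS t ON t.assembly_id = a.assembly_id
WHERE a.is_user_defined = 1
  AND a.permission_set <> 1;
```

The output of queries 3 to 5 gives reviewers the exact list of native-code entry points reachable from SQL, which is the surface an UNSAFE permission set exposes.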
