Skip to main content

Configuration

Instance-level options

OptionPurposeRecommended
clr enabledMaster switch for CLR integration1 where CLR is used
clr strict securityTreats all assemblies as UNSAFE unless signed/trusted (2017+)Leave 1; sign assemblies
lightweight poolingFiber mode — incompatible with CLR0
EXEC sp_configure 'clr enabled', 1;
RECONFIGURE;

Database-level options

TRUSTWORTHY (avoid)

ALTER DATABASE db SET TRUSTWORTHY ON lets EXTERNAL_ACCESS/UNSAFE assemblies run without signing — and also widens the attack surface of the entire database. Prefer certificate or asymmetric-key signing; see Security.

Assembly permission sets

Set per assembly at CREATE ASSEMBLY time:

  • SAFE — computation only; no external access. Default and preferred.
  • EXTERNAL_ACCESS — files, network, registry, environment.
  • UNSAFE — unrestricted, including unmanaged code.
ALTER ASSEMBLY MyAssembly WITH PERMISSION_SET = EXTERNAL_ACCESS;

Memory and monitoring

CLR memory comes from the SQL Server process. Keep an eye on it with:

SELECT type, pages_kb
FROM sys.dm_os_memory_clerks
WHERE type LIKE '%CLR%';

SELECT * FROM sys.dm_clr_appdomains;
SELECT * FROM sys.dm_clr_loaded_assemblies;

App domains are created per database/owner pair and unloaded under memory pressure — a periodic first-call delay after idle periods is normal.