CLR Stored Procedures

[nitin patel <kota_44 () yahoo com>]

Hi , 

Got a doubt regarding new feature in SQL 2005 .

Security wise genrally we discourage use of powerfull
stored procedures like xp_cmdshell from our 
stored Procedure code and drop them if they are not
requierd .
If it all they are requierd it is recommended to have
access check on those stored procs calling these
powerfull SP's.

In Sql 2005 one can write CLR stored procedures and
produce same functionallity as xp_cmdshell.

My Doubts - 

1) Security wise which one should be preferred ( CLR
or XP_) and why? 

2) In case of using CLR stored procedures what are 
   security pros and cons .

> From what i found it gives more control but is that
controll good enough to recommend it as a secure
alternative .

Thanks in Advance 
Nitin
 





                
__________________________________ 
Start your day with Yahoo! - Make it your home page! 
http://www.yahoo.com/r/hs