Secure features

Secure features are features that you can make inaccessible to databases running on a database server. When a feature is secured (made inaccessible), it is unavailable for use by client applications, database-defined stored procedures, triggers, and events. Secure feature settings apply to all databases running on the database server. Secure features are useful when you need to start a database that could contain embedded logic that you are uncertain of, such as a virus, or when you want to lock down the database server in situations where the database server or the database is hosted by a third-party vendor. The -sf database server option allows you to specify which features you want to secure for databases running on the database server.

Features that are secured by default

When you start a server using the -sf database server option, the following features are secured by default:

manage_security (consists of manage_features, manage_keys, and manage_disk_sandbox)
server security (only disk_sandbox is secured by default; trace_system_event is not secured by default)
manage_server (consists of processor_affinity)

Secure feature keys

A system secure feature key is created by specifying the -sk database server option when creating the database server. Use the sa_server_option system procedure to alter whether features are secured or unsecured once the database server is running. If you start a database without specifying a system secure feature key, the default secure features are secured, and you cannot change the secure feature settings for the database server or any databases running on it. You cannot create the system secure feature key later—you must shut down the database server and specify a system secure feature key when you restart it.

Once you have created a system secure feature key, you can create customized secure feature keys that are assigned to specific users, limiting users' access to only the features secured by the administrator for that key.

The key must be a non-empty string of at least six characters, and it cannot contain double quotes, control characters (any character less than 0x20), or backslashes. There is a limit of 1000 secure feature keys per database server.

Note

The system secure feature key an only be dropped if a customized secure feature key has been created that has both the manage_features and manage_keys secure features enabled.

Customized secure feature keys are managed by using the following system procedures:

sp_create_secure_feature_key system procedure
sp_alter_secure_feature_key system procedure
sp_drop_secure_feature_key system procedure
sp_list_secure_feature_keys system procedure

Secure features

Features that are secured by default

Secure feature keys

Note

See also