Solomon Rutzky investigates what the PERMISSION_SET property does as of SQL Server 2017:
And farther down on that same page, there is a note stating:
Important
The PERMISSION_SET option is affected by the clr strict security option, described in the opening warning. When clr strict security is enabled, all assemblies are treated as UNSAFE.The last sentence in each of those quoted statements certainly does seem to be saying that when “CLR strict security” is enabled, then
UNSAFEis effectively the onlyPERMISSION_SET, or stated another way: thenPERMISSION_SETeffectively no longer has any effect. However, as usual, things are perhaps not so simple given that the wording is not explicitly stating that. It would be rather easy to add a few words to both statements to indicate that thePERMISSION_SETproperty is now being ignored. Other documentation makes similar claims (for example: allow updates Server Configuration Option). So, did they fail to explicitly state this, or was this not stated because it is not what is actually happening?
Read on for Solomon’s answer.