sql-server - 如何在 SQL Server 中加密函数

Question

如何加密 SQL Server 中的函数，使其不能被其他用户编辑？提前致谢。

Answer 1

使用ENCRYPTION选项:

CREATE FUNCTION testFunction ()
RETURNS int
WITH ENCRYPTION
AS
BEGIN
RETURN 1
END

这意味着定义不会存储在任何易于阅读的地方，例如:

SELECT m.definition
FROM sys.sql_modules m
JOIN sys.objects o 
on M.object_id = o.object_id AND o.type = 'FN' AND o.name = 'testFunction'

将返回 null，如果用户(甚至 sysadmin)尝试使用 SSMS 修改函数，他们将收到一个 MessageBox，说明文本已加密且无法检索。但是，根据 MSDN ,

The definition of functions created by using the ENCRYPTION option cannot be viewed by using sys.sql_modules; however, other information about the encrypted functions is displayed.

和

Applies to: SQL Server 2008 through SQL Server 2016.

Indicates that the Database Engine will convert the original text of the CREATE FUNCTION statement to an obfuscated format. The output of the obfuscation is not directly visible in any catalog views. Users that have no access to system tables or database files cannot retrieve the obfuscated text. However, the text will be available to privileged users that can either access system tables over the DAC port or directly access database files. Also, users that can attach a debugger to the server process can retrieve the original procedure from memory at runtime. For more information about accessing system metadata, see Metadata Visibility Configuration.

Using this option prevents the function from being published as part of SQL Server replication. This option cannot be specified for CLR functions.

您仍应确保维护适当的权限以处理此类情况。您可以更深入地阅读 here .

最后，如果这意味着要发送给您不希望能够访问源的客户端，那么如果他们真的很持久(使用调试器)。