How to grant a user UNSAFE ASSEMBLY permission

How can we assign a user , e.g.: the database owner (DBO) the UNSAFE ASSEMBLY permission?

I'm asking it to enable a user to create an assembly and don't know the SA password, so EXEC sp_changedbowner ‘sa’ can't help.

Any idea?

Thank you.

Only users mapped to a login that's a member of the sysadmin fixed server role can create and alter an assembly with an UNSAFE permission set defined. Therefore, to achieve your desired result you would have to add that respective login to the sysadmin fixed server role.

BOL reference on CREATE ASSEMBLY:


Specifying UNSAFE enables the code in the assembly complete freedom to perform operations in the SQL Server process space that can potentially compromise the robustness of SQL Server. UNSAFE assemblies can also potentially subvert the security system of either SQL Server or the common language runtime. UNSAFE permissions should be granted only to highly trusted assemblies. Only members of the sysadmin fixed server role can create and alter UNSAFE assemblies.

StackExchange Database Administrators Q#28047, answer score: 8