Security risks of setting trustworthy = on in sql server 2012

Question

I get the following errors in my development database:

A .NET Framework error occurred during execution of user-defined routine or aggregate \"SpCreateTable\         


        

Answer 1

Setting TRUSTWORTHY ON opens a potential security breach by allowing any code to reach external resources under database impersonation context. It's perfectly fine to allow your DB to access protected network shares using a code you're in control of, however it might be not that wise to allow the same for any code.

Setting this flag just opens a door for anyone gained dbo permissions for a particular DB as you might register any assembly and it'll have DB impersonation context at its discretion.