Last updated on January 12, 2014
When you absolutely have to use unique permissions while building SharePoint applications; do it the fastest way possible.
In the case of an application where every item in a list is meant to have broken inheritance and uniquely assigned permissions you see a lot of guys doing this. A case where you passed the BreakRoleInheritance method a value of true then looped over the ACL collection of SPRoleAssignments to strip everything off.
A much more scalable practice is to pass false to the BreakRoleInheritance method.
Here’s a great post on what Unique Permissions really mean in SharePoint; “Clarify the Security Scope limits in SharePoint lists,” Joel Plaut 2012. Regarding the limit of unique permissions a List can contain be 50k; “The limit is not the unique combinations of ACLs, but instead the number of times permissions has been broken from a parent.”
Of course the moral of this story is to build SharePoint apps that don’t use unique permissions. But when you have to, do it fast.