Post reply

PBE security and possible information disclosure

  • April 5, 2017 at 3:02 am

    #320216

    Has anyone looked into the security aspects of the Buffer Pool Extension? 
    My concern is that on a "Cloud" VM, there may be a possible disclosure of information if the VM is turned off before the SQL Server Service gracefully shuts down, leaving the clean page content of the BPE readable on the local / ephemeral SSD storage.

    Any thoughts?

    😎

  • April 5, 2017 at 11:35 am

    #1936875

    Eirikur Eiriksson - Wednesday, April 5, 2017 3:02 AM

    Has anyone looked into the security aspects of the Buffer Pool Extension? 
    My concern is that on a "Cloud" VM, there may be a possible disclosure of information if the VM is turned off before the SQL Server Service gracefully shuts down, leaving the clean page content of the BPE readable on the local / ephemeral SSD storage.

    Any thoughts?

    😎

    Sounds like another good reason to avoid using a VM for a SQL instance.

    Steve (aka sgmunson) 🙂 🙂 🙂
    Rent Servers for Income (picks and shovels strategy)

Viewing 2 posts - 1 through 1 (of 1 total)

You must be logged in to reply to this topic. Login to reply