堆栈内存溢出
  简体   繁体   English

Azure 角色本地存储是否保证不能被下一个使用同一主机的应用程序访问?

[英]Is Azure role local storage guaranteed to be inaccessible to an application that is next to use the same host?

 原文  2011-06-02 12:12:55       windows/ security/ azure/ cloud

问题描述

Suppose my Azure role stores files to the role local filesystem and forgets to delete them.假设我的 Azure 角色将文件存储到角色本地文件系统并忘记删除它们。 Can another application that uses that host in future possibly get access to those files?将来使用该主机的另一个应用程序是否可以访问这些文件?

I've read the whitepaper and it's full of marketing style statements but I can't find a definitive statement about how thoroughly the host machine is "cleaned" before a new role is started on it.我已经阅读了白皮书,其中充满了营销风格的陈述,但我找不到关于在主机上开始新角色之前“清理”主机的彻底程度的明确陈述。

Can I be completely sure that another application won't see changes my application does to the filesystem?我可以完全确定另一个应用程序不会看到我的应用程序对文件系统所做的更改吗?

3 个解决方案

解决方案1
 4 已采纳  2011-06-02 15:35:52

No, it cannot be used by another VM, even accidentally.不,它不能被其他虚拟机使用,即使是意外使用。 The 'scratch' drive that is mounted by your Windows Azure instance is another VHD - data is not written natively to disk.由 Windows Azure 实例安装的“暂存”驱动器是另一个 VHD - 数据不会本地写入磁盘。 So, in order for another instance to read your data, it would have to mount your VHD, which is not possible.因此,为了让另一个实例读取您的数据,它必须挂载您的 VHD,这是不可能的。

解决方案2
 3  2011-06-02 12:32:16

Although I am not sure it's properly documented, I am fairly certain that Windows Azure recycles thoroughly whatever local files haven been dumped by a Role into a VM before letting any other Role access the VM.尽管我不确定它是否已正确记录,但我相当肯定 Windows Azure 在让任何其他角色访问 VM 之前彻底回收角色已将任何本地文件转储到 VM 中。 That's a fairly basic security policy.这是一个相当基本的安全策略。

Then, considering the deployment time on Windows Azure for a new VM (between 6min to 8min) I am pretty sure that the VM itself is pretty much wiped-out clean, not just the local storage, so that whatever by-product files which might have been generated by the OS itself during the execution of the VM does not become available afterward.然后,考虑到 Windows Azure 上新 VM 的部署时间(在 6 分钟到 8 分钟之间),我很确定 VM 本身非常干净,而不仅仅是本地存储,因此无论可能在虚拟机执行期间由操作系统本身生成的,之后不会变得可用。

解决方案3
 2  2011-06-02 12:40:33

Local storage is ephemeral and it is part of specific compute instance.本地存储是短暂的,它是特定计算实例的一部分。 When the instance is recycled\deleted, the local storage is gone.当实例被回收\删除时,本地存储就消失了。

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 Azure教程 - 如何使用本地blob存储 - Azure tutorial - How to use local blob storage 是否可以丢弃 Azure 角色主机并在不清理的情况下在同一主机上启动它? - Is it possible to trash an Azure role host and get it started on the same host without cleanup? Windows Azure中的本地存储错误 - Local Storage Error in Windows Azure 同一网络中的本地主机连接 - local host connection in same network .NET应用程序的本地数据存储 - Local data storage for .NET application 在 Azure blob 存储中存储我的角色服务 package 有多安全? - How safe is storing my role service package in Azure blob storage? 是使用辅助角色还是Web角色:Windows Azure - Whether to use a worker role or a web role : Windows Azure 当角色崩溃或通过管理 API 重新启动时,Azure 角色主机是否实际重新启动? - Is the Azure role host actually restarted when a role crashes or is restarted via management API? Azure角色终止前是否需要清理本地资源? - Does Azure role need to clean up local resources before terminating? 使用 Azure AD 并在 C# Windows 应用程序中获取应用程序角色 - Using Azure AD and Getting App Role in C# Windows Application
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM