Containers: Upgrading SQL Server from 2017 to 2019 RTM

Throughout the pre-release of SQL Server 2019, I was demoing an effectively instant, and magical, container upgrade from 2017 to 2019. However, when I finally downloaded the release bits in a new image, the magic went away. In fact, I got errors, so what happened? Non-root User In SQL Server 2017, the containers were running as root. The thing is, you're basically setting up your instance to run as administrator of the system. We all know that's a no-no. So, in SQL Server 2019, Microsoft fixed this and now the SQL Server instance within the Linux container runs as mssql, much better. However, this immediately causes issues when we're doing an in-place upgrade using a volume on a 2017 container to move to 2019. We're not root any more. Let's…
Read More

SQL Injection Mitigation in SQL Server 2019

SQL Server
I've been teaching a lot more about SQL Injection lately (including blog posts). I've been doing this because, despite this being a 21 year-old problem with well defined solutions, we're still dealing with it. Recently, while sitting in the speaker room at Techorama Netherlands (fantastic event, strongly recommended), I had the opportunity to spend a little time with Niko Neugebauer. I was freaking out because my demos were failing (fixed 'em finally). Niko was talking to me about the new Feature Restrictions and their effect on SQL Injection in SQL Server 2019. I didn't know what he was talking about, so I had to look it up. Of course, top resource, Niko's blog. Feature Restrictions in SQL Server 2019 The Feature Restrictions in SQL Server 2019 are actually being added…
Read More