Are there any security issues keeping the .NET PDB files on the real server?
I know that throwing exceptions might take a bit longer , but who throws exceptions during normal execution anyway? :-)
But from a security perspective? any issues?
I think a fair argument is also that not leaving the PDBs on the live servers is a risk. In the case where production is crashing and the problems can't be reproduced on dev or UAT, it's much more time consuming (and perhaps impossible) to diagnose where the error is occurring.
At the very least, the PDBs that match the deployed DLLs should be in a ZIP file on the production server somewhere. They should be easily located by people other than yourself in case you aren't around to assist.
Also see PDB Files: What Every Developer Must Know by John Robbins.