WebApp Sec mailing list archives
RE: Limiting application's database size
From: "Stan Guzik" <SGuzik () ImmediaTech com>
Date: Mon, 28 Jun 2004 11:01:30 -0400
In SQL Server, I'm assuming you are running 2K, there is an option on the DB to "Automatically grow file". If this selection is not checked your SQL DB will not grow meaning you need to monitor the growth manually. The above will work but manually monitoring always leads to human error. There are SQL SP to get the size of the DB and individual tables. You can use these SP in you code to notify/email you when your DB is close to its max, (let's save 20% free space.) -----Original Message----- From: Thorpe, Jason (TAD) [mailto:Jason.Thorpe () fta dot gov] Sent: Monday, June 28, 2004 9:04 AM To: webappsec () securityfocus com; security-basics () securityfocus com Subject: Limiting application's database size I have a database server that contains several applications. One of the applications allow users to enter information into the database without being authenticated. My concern is that a malicious script could quickly increase the size of the database and thus taking all free disk space on the server. Is there a way to limit the size of the database so that it will not affect the other applications? Or does anybody have any suggestions on a way to handle this situation. DB Server: MS SQL Server, IIS
Current thread:
- Limiting application's database size Thorpe, Jason (TAD) (Jun 28)
- <Possible follow-ups>
- Re: Limiting application's database size Mike . Wiltshire (Jun 28)
- RE: Limiting application's database size Stan Guzik (Jun 28)
- RE: Limiting application's database size Andrew Shore (Jun 28)
- RE: Limiting application's database size Thorpe, Jason (TAD) (Jun 30)
- Re: Limiting application's database size PD9 Software (Jun 30)
- RE: Limiting application's database size Syed Mohamed A (Jun 30)