RE: Limiting application's database size

["Stan Guzik" <SGuzik () ImmediaTech com>]

In SQL Server, I'm assuming you are running 2K, there is an option on
the DB to "Automatically grow file".  If this selection is not checked
your SQL DB will not grow meaning you need to monitor the growth
manually.

The above will work but manually monitoring always leads to human error.
There are SQL SP to get the size of the DB and individual tables.  You
can use these SP in you code to notify/email you when your DB is close
to its max, (let's save 20% free space.)



-----Original Message-----
From: Thorpe, Jason (TAD) [mailto:Jason.Thorpe () fta dot gov] 
Sent: Monday, June 28, 2004 9:04 AM
To: webappsec () securityfocus com; security-basics () securityfocus com
Subject: Limiting application's database size

I have a database server that contains several applications.  One of the
applications allow users to enter information into the database without
being authenticated.  My concern is that a malicious script could
quickly
increase the size of the database and thus taking all free disk space on
the
server.  Is there a way to limit the size of the database so that it
will
not affect the other applications?  Or does anybody have any suggestions
on
a way to handle this situation.

DB Server: MS SQL Server, IIS