WebApp Sec mailing list archives

RE: Limiting application's database size

From: "Andrew Shore" <andrew.shore () holistecs com>
Date: Mon, 28 Jun 2004 16:12:19 +0100

Set the database as a fixed size and don't let it grow automatically.

That way the database can not get bigger than its initial size.

 
Andrew Shore
Senior Security Specialist
DDI. 01302 308 165
andrew.shore () holistecs com
 
 
 
Company Number 04943010
VAT Number 828 8635 82
 
 
Holistic Technologies Ltd
Unit 7 Shaw Wood Business Park
Shaw Wood Way
Doncaster
South Yorkshire
DN2 5TB
T. 0870 240 1442
F. 0870 240 1443
www.holistecs.com
 
 
 
 
 
 
 
 
 
 
 
 
 
 

-----Original Message-----
From: Thorpe, Jason (TAD) [mailto:Jason.Thorpe () fta dot gov] 
Sent: 28 June 2004 14:04
To: webappsec () securityfocus com; security-basics () securityfocus com
Subject: Limiting application's database size

I have a database server that contains several applications.  One of the
applications allow users to enter information into the database without
being authenticated.  My concern is that a malicious script could
quickly
increase the size of the database and thus taking all free disk space on
the
server.  Is there a way to limit the size of the database so that it
will
not affect the other applications?  Or does anybody have any suggestions
on
a way to handle this situation.

DB Server: MS SQL Server, IIS

Current thread:

Limiting application's database size Thorpe, Jason (TAD) (Jun 28)
- <Possible follow-ups>
- Re: Limiting application's database size Mike . Wiltshire (Jun 28)
- RE: Limiting application's database size Stan Guzik (Jun 28)
- RE: Limiting application's database size Andrew Shore (Jun 28)
- RE: Limiting application's database size Thorpe, Jason (TAD) (Jun 30)
  - Re: Limiting application's database size PD9 Software (Jun 30)
- RE: Limiting application's database size Syed Mohamed A (Jun 30)