cancel
Showing results for 
Search instead for 
Did you mean: 

How can one database prevent another from being started on the same engine?

Breck_Carter
Participant
5,777

This is a question about protecting an embedded database from external Forces Of Evil.

Let's say server S has started database D, and there is a DatabaseStart event in database D that checks to make sure it's the ONLY database running on S; e.g., it checks that sa_db_info() returns only one row.

So far so good.

Now, let's say some external agent tries to tell server S to start another database D2. How can code inside database D prevent that from happening?

External layers of protection are not sufficient; e.g., dbsrv11 -gd, -xd, cool stuff like that. Alas, the "external agent" can modify the dbsrv11.exe command line, but not the code inside database D, and that's where the protection must reside.

Note that the DatabaseStart event inside D only fires when D starts, not D2... there is no concept of server-level events ( that I know of 🙂

An answer which begins "Don't bother" is welcome, but will not get a green checkmark 🙂

MarkCulp
Participant
0 Kudos

Interesting question that I have not thought about before... Can you expand on the reason why you want to make sure that there is no other database running on the same server?

Accepted Solutions (0)

Answers (1)

Answers (1)

Former Member

This sounds like a tough problem -- you control the database but without control over the server command line or server the database is loaded in, it is hard to give the protection you are asking for. The following are partial or inadequate solutions but the best I have thought of so far:

  1. Require certain properties of the server command line and refuse to start if these are not present. For example, examine PROPERTY('StartDBPermission') in a login procedure and fail the login if the property doesn't match what you expect.
  2. Use a period event to monitor the databases running on the server and "do something" if another one were started.
  3. Pre-emptively load the maximum number of databases when your database starts (I think this is 255). These could be small dummy databases, but there is an overhead to loading these even if there are no connections. Attempts to start other databases would fail.

Like @Mark I would be interested in more details of what you would like to accomplish. I wondered if secure features might be an answer here but I didn't see a way to secure the stop/start database feature (maybe I missed it).