From: "Paul Ranson" 

I'm using a connection pool which maintains a set of continuous connections
sized to match the capability of the database processing engines.
Retrieving from and returning to the pool is very very cheap. If your code
ensures that connections are returned then your pool is simpler and more
predictable. I don't really see that this is a bad thing, or that a
'connection scavenger' is anything other than an additional complication to
work around bad architecture elsewhere.

Paul

"Adam"  wrote in message
news:42947a4c{at}w3.nls.net...
> Paul Ranson wrote:
>> So that's a specific limitation on your web app. Roll it out to 10000,
>> 100000, 1000000 simultaneous users. Ah.
>>
>
> In which case....speaking of your DoS.....if you were to use your example
> & to open & destruct a dbconn on every "db active"
page & you had 10K,
> 100K or 1M simultaneous users....
>
> Adam
>
>
>> Paul
>>
>> "Adam Flinton"  wrote in message
>> news:429365d5$1{at}w3.nls.net...
>>
>>>Paul Ranson wrote:
>>>
>>>>If your db connection is held in a session then I have a trival DoS
>>>>opportunity. This is nothing to do with C++, rather with unsafe
>>>>practices when writing web apps...
>>>>
>>>
>>>Really? So given you have to login & be authenticated
before the DB conn
>>>is created within the session & that only one session can
exist per user,
>>>I am curious what this DoS attack wwill be.
>>>
>>>
>>>Adam
>>>
>>
>>

--- BBBS/NT v4.01 Flag-5