You'll probably get a better answer in the Mach-II forum. [EMAIL PROTECTED]
> -----Original Message----- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf > Of Lamotte Denis > Sent: Tuesday, November 02, 2004 6:08 AM > To: [EMAIL PROTECTED] > Subject: [CFCDev] Mach-ii security question > > > I was wondering if we do not have to add application scope readonly to > last > line of the mach-ii.cfm file to avoid any end user to overwrite the mach- > ii > App intentionally or not. > > <cflock name="application[MACHII_APP_KEY]" type="readonly" > > <cfset > application[MACHII_APP_KEY].appLoader.getAppManager().getRequestHandler( ). > ha > ndleRequest() /> > </cflock> > > I have some user that have access at some view to personalize them. > Can a people overwrite accidentally this object even to replace it with a > modified "mach-ii app" to get some password or any other event? > > It's just a though , I don't test anything yet. > > Best regards > > Denis > > ---------------------------------------------------------- > You are subscribed to cfcdev. To unsubscribe, send an email > to [EMAIL PROTECTED] with the words 'unsubscribe cfcdev' > in the message of the email. > > CFCDev is run by CFCZone (www.cfczone.org) and supported > by Mindtool, Corporation (www.mindtool.com). > > An archive of the CFCDev list is available at www.mail- > archive.com/[EMAIL PROTECTED] ---------------------------------------------------------- You are subscribed to cfcdev. To unsubscribe, send an email to [EMAIL PROTECTED] with the words 'unsubscribe cfcdev' in the message of the email. CFCDev is run by CFCZone (www.cfczone.org) and supported by Mindtool, Corporation (www.mindtool.com). An archive of the CFCDev list is available at www.mail-archive.com/[EMAIL PROTECTED]
