Re: Permission Denied on cf.registry????

Mon, 02 Oct 2000 08:21:29 -0700 


ACK!

DO NOT run ColdFusion as root.  This is very bad.
A CFML application can easily read or write any file on your system.

Just one writable directory in your document root, and a malicious user
can do anything they want.

ColdFusion is not designed to run as root.

-- 
Tom Jordahl                     [EMAIL PROTECTED]
Allaire Development             http://www.allaire.com


William J Wheatley wrote:
> 
> why dont you have your CF running as root? Do you not have root password?
> 
> We run CF ENT 4.5.1 SP1 and it runs fine w/perms as root.
> =) You're messing with fire if you have it running as none root becuase its
> easy to miss something
> and nothing will work because you have to fix perms
> 
> Bill Wheatley
> Director of Development
> AEPS INC
> Allaire Coldfusion Consulting Partner
> www.aeps.com
> www.aeps2000.com
> 954-472-6684 X303
> ICQ: 417645
> 
> ----- Original Message -----
> From: "Tom Jordahl" <[EMAIL PROTECTED]>
> To: "CF-Linux" <[EMAIL PROTECTED]>
> Sent: Monday, October 02, 2000 11:17 AM
> Subject: Re: Permission Denied on cf.registry????
> 
> > > I checked /opt/coldfusion/registry and cf.registry and they both have
> > > the proper permissions masks for root to run/parse them.
> >
> > This is the problem.  The registry is read/written by ColdFusion,
> > which means the ColdFusion user must own and have permission to
> > read/write this directory and files.
> >
> > A reinstall (which is non-destructive) will set the permissions right.
> > Several directories in /opt/coldfusion need to be writable by the CF
> > user.
> >
> >
> > --
> > Tom Jordahl [EMAIL PROTECTED]
> > Allaire Development http://www.allaire.com
> > --------------------------------------------------------------------------
> ----
> > Archives: http://www.mail-archive.com/cf-linux%40houseoffusion.com/
> > To Unsubscribe visit
> http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_linux or
> send a message to [EMAIL PROTECTED] with 'unsubscribe' in
> the body.
> >
> 
> ------------------------------------------------------------------------------
> Archives: http://www.mail-archive.com/cf-linux%40houseoffusion.com/
> To Unsubscribe visit 
>http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_linux or send a 
>message to [EMAIL PROTECTED] with 'unsubscribe' in the body.
------------------------------------------------------------------------------
Archives: http://www.mail-archive.com/cf-linux%40houseoffusion.com/
To Unsubscribe visit 
http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_linux or send a 
message to [EMAIL PROTECTED] with 'unsubscribe' in the body.

Reply via email to