On Friday 12 October 2001 12:49 pm, you wrote: > Hello, > > I was wondering what the benefits and downfalls would be for enabling > CFFILE on a shared hosting server. > > I have a site that is requesting it and have not enabled CFFILE because > of the potential for uploads of malicious > code or other virus/worm files that can then be executed from the > server. > > Is there a good way of eliminating cross file sharing when you enable > CFFILE so users are not able to upload to other > directories than their own. > > Any infomation on this would be greatly appreciated. > > Thanks > Chang > I'm waiting to see the CFFILE info also...
I just wanted to tell you to watch out for the other tags as well. Just as an example: cfregistry. As much as I found it hard to believe when I was first shown it, there is a 'cfadmin' cfregistry 'hack-script' that will output the decoded admin password from the 'registry' to the browser. I thought for sure that that was only for the windows fools <VBG - j/k> but alas, no - linux has that 'prob' as well. See what happens when you 'borrow' winders stuff (registry) - you get winders 'problems' ;P... Geo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Structure your ColdFusion code with Fusebox. Get the official book at http://www.fusionauthority.com/bkinfo.cfm ------------------------------------------------------------------------------ Archives: http://www.mail-archive.com/cf-linux%40houseoffusion.com/ To Unsubscribe visit http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_linux or send a message to [EMAIL PROTECTED] with 'unsubscribe' in the body.
