Hi All, We are doing something like this now, but I had not thought about a wrapper for CFFILE. We are experienced Linux administrators. Let me ask if there is interest in this.
If there is enough, I would be willing to invest a few CPU cycles over the next few weeks to working it out. I would post it to the Developer exchange as I feel a little bit guilty for all the great things we have found there, but have not contributed. Consider it an all call request. Respond to the list instead of just to me so I can keep the requests straight in my mind and this will be a personal project to keep me fired up about development. Getting too high in management now. :-) Larry At 01:33 PM 10/15/2001 -0400, you wrote: >Good Points in all accounts. Lemme explore this a little bit (As soon as my >spare cycles equal >0) I'm getting ready for the devcon next week as well as >working on the next gen cf, so, I'll try to figure something out. > >As a side idea before I wander off, it would be possible to write a CFX tag >that would give greater CFFILE control, including authentication. It's not a >task I can take on, but it would be possible. Maybe something like >CFX_CFFILE_DAEMON > >.. > >======================== >Jesse Noller >Linux Fiend >Macromedia Server Development >[EMAIL PROTECTED] > >shotgun debugging: >shotgun debugging n. The software equivalent >of Easter egging; the making of relatively >undirected changes to software in the hope >that a bug will be perturbed out of >existence. This almost never works, and usually introduces more bugs. > >-From the Jargon File. > > > -----Original Message----- > > From: Peter Amiri [mailto:[EMAIL PROTECTED]] > > Sent: Monday, October 15, 2001 1:05 PM > > To: CF-Linux > > Subject: RE: CFFILE usage on a shared CF server > > > > > > Jesse, > > > > I think many people would agree that in a shared environment > > they should > > disable CFREG. I don't think many will disagree with this > > one, but I think > > the second part of this is where everyone is having > > difficulty. Many people > > using CF use it's capabilities to easily upload files to the > > server. Many > > people running shared CF hosting servers find themselves in > > the position > > that this is an absolute requirement by their customers. > > Frankly as a CF > > programmer, I agree with their point of view and consider > > CFFILE a necessity > > in most systems. > > > > Let me also say that I don't think this is a CF on Linux > > issue so much as it > > is a CF issue. Basically the engine runs under a single user > > account. All > > access to the file system, regardless of platform, is > > regulated by that > > single user account. This brings us to the question at hand. > > As hosting > > providers we find ourselves in a position that we need to > > enable CFFILE. I > > think we are all asking for a best practices approach to how to enable > > CFFILE in a shared hosting environment. > > > > -Peter Amiri > > [EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]> > > www.amiri.net <http://www.amiri.net> > > > > --------------------------------------------- > > So powerful is the light of unity that it can > > illuminate the whole earth. > > --Baha'i Faith (http://www.us.bahai.org) > > --------------------------------------------- > > > > > -----Original Message----- > > > From: Jesse Noller [mailto:[EMAIL PROTECTED]] > > > Sent: Friday, October 12, 2001 2:14 PM > > > To: CF-Linux > > > Subject: RE: CFFILE usage on a shared CF server > > > > > > > > > Or just move the CFIDE directory out of the web root. > > > > > > mv /var/www/html/CFIDE /opt/coldfusion > > > > > > Viola. Sides, in a shared environment, you can lock CF down > > to a private > > > username, disable the needed tags (CFREG and CFFILE if you > > > desire) and your > > > pretty locked down. > > > > > > The "registry" is nothing more than a flat text file used for > > > configuration > > > guidelines like the httpd.conf, smb.conf, etc files. Nothing > > > 'special' about > > > it. Yes, it stores a hashed password on it. That's why in a shared > > > environment, it is important to evaluate what tags you > > would like to 'not > > > use'. > > > > > > Yes, this is not a perfect solution, however, it is > > currently the only > > > option available. > > > > > > > > > -Jesse > > > > > > -----Original Message----- > > > From: Dave Watts [mailto:[EMAIL PROTECTED]] > > > Sent: Friday, October 12, 2001 4:38 PM > > > To: CF-Linux > > > Subject: RE: CFFILE usage on a shared CF server > > > > > > > > > > Hrm. I was referring more to the fact that a 'registry' was > > > > used in Linux as well. And that there is a script floating > > > > around that someone with shared access can upload, and then > > > > run, and output the cfserver's admin password to the browser... > > > > I didn't mean that cfregistry was bad, or that windows was > > > > bad (tho I prob. thought that one <g>), but that since there > > > > is no Adv. Sec. for CFLinux, to not allow this tag to be > > > > available if you're gonna share CFLinux Hosting... > > > > > > Well, I don't have a lot of experience with CF on Linux, but if > > > it's like it > > > is on Solaris, the "registry" is just a text file that CF uses to > > > store its > > > configuration info. This isn't used by anything other than CF. I > > > agree with > > > you that you might want to disable CFREGISTRY if you're setting > > > up a shared > > > host. > > > > > > Rather than relying on the CF Administrator password for > > > security, you might > > > be better off simply setting up the CF Administrator to run > > on a separate, > > > protected virtual server using .htaccess and SSL to prevent > > unauthorized > > > users getting into it. > > > > > > Dave Watts, CTO, Fig Leaf Software > > > http://www.figleaf.com/ > > > voice: (202) 797-5496 > > > > > > > > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Your ad could be here. Monies from ads go to support these lists and provide more resources for the community. http://www.fusionauthority.com/ads.cfm ------------------------------------------------------------------------------ Archives: http://www.mail-archive.com/cf-linux%40houseoffusion.com/ To Unsubscribe visit http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_linux or send a message to [EMAIL PROTECTED] with 'unsubscribe' in the body.
