-----Original Message-----
From: Dave Watts <[EMAIL PROTECTED]>
To: '[EMAIL PROTECTED]' <[EMAIL PROTECTED]>
Cc: 'Consultant' <[EMAIL PROTECTED]>
Date: Tuesday, September 12, 2000 9:40 AM
Subject: RE: ISP's Headache: CFFILE
>You have a couple of options.
>...
>2. Configure the CF server so that it doesn't run in the Local System
>security context, which is the default. Then, you can limit read access
on
>files, so that the CF server only has execute rights. This will prevent
>CFFILE from working. To make this relatively easy, you should use the
new NT
>file ACL security interface added in SP 4 or so, which allows you to
get
>very granular with ACL configuration, or better yet use a command-line
ACL
>tool like XCACLS.
Dave,
If I'm assuming correctly the implementation of this:
- Run CF under a user account.
- Allow developer A to access via CFFILE (maybe read & write access)
only specific directories. Give the CF user account necessary NTFS
access rights to allow this.
- Allow developer B to access via CFFILE (maybe read & write access)
only specific directories. Give the CF user account necessary NTFS
access rights to allow this.
Now, say the two developers are running the same off-the-shelf CF
application, such as a shopping cart that (for whatever reason) uses
CFFILE. Wouldn't they still have access to each other's directories
wherever read or right access has been granted to the CF user account?
Jim
------------------------------------------------------------------------------
To unsubscribe, send a message to [EMAIL PROTECTED] with
'unsubscribe' in the body or visit the list page at www.houseoffusion.com
