> All directories that contain .cfm files, require SYSTEM > permissions. This is set automatically when CF installs, > but does not take care of the Inetpub directory.
I don't think that the CF install changes permissions on the filesystem; the files placed on the system by the install simply inherit ACLs from parent directories. If you've properly limited those ACLs, you'll have to manually configure them correctly for the new files. As for .cfm file requiring SYSTEM permissions, this is only true if you run CF as SYSTEM. > All services should run under the SYSTEM account as > well to avoid problems getting services to load and > run. Yikes! If you can run a service as a "regular" user, you're much better off doing that than running it as SYSTEM, from a security perspective. With CF, you can do this pretty easily; there's a technote on the MM site and an article on defusion.com. If you run CF as SYSTEM, then every .cfm file is running within the most-privileged security context. This is potentially very bad, and usually unnecessary. Dave Watts, CTO, Fig Leaf Software http://www.figleaf.com/ voice: (202) 797-5496 fax: (202) 797-5444 ______________________________________________________________________ Signup for the Fusion Authority news alert and keep up with the latest news in ColdFusion and related topics. http://www.fusionauthority.com/signup.cfm ------------------------------------------------------------------------------ To unsubscribe, send a message to [EMAIL PROTECTED] with 'unsubscribe' in the body or visit the list page at www.houseoffusion.com
