> I need to execute a DOS command from within ColdFusion. After looking
> over the archives, it seems like I have 3 possible solutions:
>
> CFEXECUTE (if I upgrade to 4.5),
> CFX_ShellExec, and
> CFX_ConsoleCommand
>
> Can someone enlighten me as to the security risks involved with each and
> the pros vs cons? Would it be possible for someone to malicously
> execute a "FORMAT" of the server hard drive using any of the above
> options?
I can only speak for the last one authoritatively, but YES. Oh Yes. :)
I have so much stuff I have to get finished right now it's not funny, but...
maybe over the weekend I could make a version of cfx_consolecommand that
would only execute .bat files. Theoretically that would be a bit safer than
a naked cli.
--min
------------------------------------------------------------------------------
Archives: http://www.eGroups.com/list/cf-talk
To Unsubscribe visit
http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or send a
message to [EMAIL PROTECTED] with 'unsubscribe' in the body.
