Dave Watts wrote: >>CF and ASP don't play nice. Some of the settings that MS >>recommends for security are against MM policies for CF >>and vice versa. > > Could you indulge me, and provide more detail on this? I haven't seen any > specific setting like this anywhere, yet.
MM recommends to set up IIS to run scripts "in context". MS recommends to set up IIS to run "out of context". This setting is also known as "Run is seperate memory space" and "in/out of process". >>Then there are issues as CF running with different >>credentials from ASP/PHP, i.e. files written by CF may >>not be readable by ASP and vice versa. > > I don't see why that would really be an issue, if you've configured your > ACLs as inheritable; the CF service would write the files to the directory, > and would be CREATOR OWNER, but other accounts with read/execute access > should be able to read and execute the files. Or am I missing something > here? It could work. But will it if you a reseling shared hosting accounts? >>Don't plan on using more as 1 scripting language in an >>application as was possible with CF 5. > > What's changed here? I'm not trying to be a smart-aleck, I'm just curious. OS Sandboxes allowed CF to impersonate a different OS account for each Sandbox. That means that all OS ACL's automatically apply (except for things that use CreateProcess()). WIth MX, everything that CF does is done under 1 OS account. Jochem ______________________________________________________________________ This list and all House of Fusion resources hosted by CFHosting.com. The place for dependable ColdFusion Hosting. FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Archives: http://www.mail-archive.com/[email protected]/ Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
