Gyrus wrote: > > Only, I'm just curious to see if anyone here knows of these CFMX sandboxing > "security issues", whether or not these people are talking sense or not.
So far I have not encountered cases in which CF MX behaved bad with respect to sandboxes. I would be interested if you could persuade them to tell which issues they have exactly. Although I am still quite disappointed that OS sandboxes were dropped (I know, Java issue, no choice, I promise I will stop about it when CF XXL is out :) ), the implementation of sandboxes in CF MX overall has been a happy surprise. Previous versions always felt like sandbox security was something that was added on later and was not integrated into all aspects of the product. With MX, it looks like security has been a consideration from the very start. I would even describe administering sandboxes as intuitive, what could never be said from previous versions. And, very important for a hosting provider, setting up CF MX sandboxes is easy to script. BTW, I think that sandbox configuration is a perfect subject to be beaten to death on a scheduled Q&A. The question what the minimum permissions are one would need to compromise a hosted server should give some better answer 'cfexecute so I can do <cfexecute name="format c:">'. Jochem ______________________________________________________________________ This list and all House of Fusion resources hosted by CFHosting.com. The place for dependable ColdFusion Hosting. FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Archives: http://www.mail-archive.com/[email protected]/ Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
