Actually that's not strictly true Doug. It would be more secure to run ColdFusion under a specific user that only has the rights it requires to run and access various resources on the server than to run in the default installation under SYSTEM. This is very easy with CF on a *nix box. You simply set up a user in the OS, then when you install CF you get prompted for the user that you wish CF to run as. The installer then configures all the services, directories, files etc. to allow it to run correctly under that user.
With a windows install, its a very different proposition....... You have to set up a user with the appropriate access rights for services, folder, files and registry entries. Its an absolute nightmare proposition, but will make CF much more secure if done correctly. It will also help if you want to do anything like access network resources via CF, as you will be able to allow the specific CF user to access those resources, which you can't do with the SYSTEM user. There is an article on defusion for this : http://www.defusion.com/articles/index.cfm?ArticleID=89 Thing is this is from 1999 and is for CF3/4(?). Has anyone done any new articles on this for CF5 and CFMX?? Regards Stephen ----- Original Message ----- From: "samcfug" <[EMAIL PROTECTED]> To: "CF-Talk" <[EMAIL PROTECTED]> Sent: Thursday, November 21, 2002 5:00 AM Subject: Re: Followup: Page cannot be displayed .. what specifically does this mean? > No security problems, That is the way it is supposed to be. > CF uses a SYSTEM account and must have full control > permissions set wherever it is run. This is not clear in > the documentation. > > I am glad to hear that you have finally isolated and > resolved the display problem. I remember sweating blood and > tears getting my server set up to work properly as well. > > ===================================== > Douglas White > group Manager > mailto:[EMAIL PROTECTED] > http://www.samcfug.org > ===================================== > ----- Original Message ----- > From: "Michael Kear" <[EMAIL PROTECTED]> > To: "CF-Talk" <[EMAIL PROTECTED]> > Sent: Wednesday, November 20, 2002 9:55 PM > Subject: Followup: Page cannot be displayed .. what > specifically does this mean? > > > | > | The cure was to set the permissions correctly. I did this > by going to > | explorer on the server console, and setting all the > folders and files under > | C:\FUSION to have the same rights. > | > | > | Does anyone see any security problems with doing this? > Is there anything > | that resides under C:\FUSION (it's a default installation) > that shouldn't > | have the same rights as everything else? > | > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Archives: http://www.houseoffusion.com/cf_lists/index.cfm?forumid=4 Subscription: http://www.houseoffusion.com/cf_lists/index.cfm?method=subscribe&forumid=4 FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Signup for the Fusion Authority news alert and keep up with the latest news in ColdFusion and related topics. http://www.fusionauthority.com/signup.cfm
