This question was tacked on to another discussion, but thought I might solicit more feedback by starting its own thread?
>From an ISP's perspective, would it not be a God-send to put all clients in one big, heavily restricted sandbox (no datasources, etc.) and all datasource-accessing CFC's and other extensions in another sandbox to which only the ISP administrator has posting rights? We would aggressively advertise the contents of the latter to the clients using UDDI or just some kind of MM Exchange kind of catalog. Clients would always be free to develop their own CFC's and extensions, but would rapidly find tying into existing middle layer functionality an increasingly appealing alternative. Or consider a simpler example: You don't want clients CFEXECUTING some local executable. But you do want to allow them to drop into their code a custom tag that can execute that local executable because in that tag you have some logic or something that lets you fix parameters or something. So far, testing suggests the calling template's sandbox restrictions always override anything they call or invoke, except obviously a remote web service - but what a shame to have to go up and down the protocol stack... Have I missed something fundamental or would this not be a boon to ISP's?! -Jason ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Archives: http://www.houseoffusion.com/cf_lists/index.cfm?forumid=4 Subscription: http://www.houseoffusion.com/cf_lists/index.cfm?method=subscribe&forumid=4 FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Get the mailserver that powers this list at http://www.coolfusion.com Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
