In addition to what Jochem wrote, I think it is even more important to
structure the envionrment in a way that enables students to learn from their
mistakes; such as if they mess up the DB or their data, thats just one more
thing they can learn from. Just plan for it... have two databases running on
a server so when one is mangled you can switch to the other one and vice
versa.... Now in a real world situation, resources are limited to some
extent or should be anyway.
Mike
----- Original Message -----
From: "Jochem van Dieten" <[EMAIL PROTECTED]>
To: "CF-Talk" <[EMAIL PROTECTED]>
Sent: Monday, August 04, 2003 7:41 AM
Subject: Re: An ISP's Dream: Extensions in one sandbox, client code in
another
> Blum, Jason (SAA) wrote:
> >
> > Suppose you do want all of your students to be able to experiment with
> > CFML. You want them to learn about SQL perhaps within the confines of
> > QoQ.
>
> No way. QoQ is an abomination. Why wouldn't I want them to use a
> real database?
>
>
> > But you know they come and go every year and aren't around long
> > enough to learn advanced best practices. SO you do things like enforce
> > strict tag attributes and have CFAdmin check all locks.
>
> Those are CF 5 issues, not CF MX (or RedSky).
>
>
> > But they're not really ready to write complex stored procedures and
> > outer joins with nested selects or something. So, you package these in
> > custom tags and disable their CFQUERY to prevent them from even trying
> > it.
>
> What is wrong with them trying it? Worst case they corrupt their
> own data. They are entitled to corrupt their own data, aren't they?
>
>
> > CFML is so wonderful because it is so easy to pick up. But it is
> > powerful and as the language evolves, it might be helpful to make the
> > security framework even more flexible to allow a campus ISP to perhaps
> > host "tiered" contribution groups. ("If you hang my server, you get
> > bumped down to the novice group where you can only call custom tags...")
>
> Running multiple instances should allow you to do so. One
> instance for yourself, one for each customer that needs it and
> one for the rest all together in sandboxes. But the sandboxes
> only disallow the basics like file system access outside their
> own directory and the use of COM objects, not cfquery.
>
> I still don't see why you would want to disallow people from
> doing such basic things as cfquery. What is the point of that?
>
> Jochem
>
>
>
>
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~|
Archives: http://www.houseoffusion.com/cf_lists/index.cfm?forumid=4
Subscription:
http://www.houseoffusion.com/cf_lists/index.cfm?method=subscribe&forumid=4
FAQ: http://www.thenetprofits.co.uk/coldfusion/faq
This list and all House of Fusion resources hosted by CFHosting.com. The place for
dependable ColdFusion Hosting.
http://www.cfhosting.com
Unsubscribe:
http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
