-adam
> -----Original Message-----
> From: Matt Liotta [mailto:[EMAIL PROTECTED]
> Sent: Tuesday, March 23, 2004 10:09 PM
> To: 'CF-Talk'
> Subject: Re: Securing CF Apps.
>
> > are you arguing semantics or ideas on how to lock down a cf
> > application. locking down the CFIDE is just another catch. it may just
> > be enforcing your database lockdown, but it another layer of
> > enforcement none the less.
> >
> It isn't another layer of enforcement. It is a redundant and irrelevant
> setting in the case you describe.
>
> > no. if a user access my db, and they only have permissions to
> > executre on packages.... thats _all_ they will see. Thats how the
> > security works. if they try and query on a table... they get an error
> > saying it doesnt exist. if they try and execture a procedure they dont
> > have access to... again an error saying it doesnt exist.
> >
> No, if the person uses the login that your application uses. There is
> always another login that has full access to the database.
>
> -Matt
>
>
>
[Todays Threads] [This Message] [Subscription] [Fast Unsubscribe] [User Settings]
