But in summary, in your opion there is no way to secure an application. The OS can't be secured, the server can't be secured nor the database. All the ideas and discussion in this thread is pointless.
Although you have no suggestions of your own..... but you a speaking on CF Security at CFUN?
-adam
> -----Original Message-----
> From: Matt Liotta [mailto:[EMAIL PROTECTED]
> Sent: Wednesday, March 24, 2004 02:33 PM
> To: 'CF-Talk'
> Subject: Re: Securing CF Apps.
>
> > yes matt. it is true that there is a dba login to every database. of
> > course no one using the application has the role of dba. so what is
> > your point?
> >
> The point is the login is there and can be exploited. No matter how
> much you lock down the schema, there is always one user account which
> has full access. Therefore, I believe you are wasting your time trying
> to lock down the schema in the case of a web application. It would be
> much better to implement a stateful firewall in front of your database,
> so it could be fully protected.
>
> -Matt
>
>
>
[Todays Threads] [This Message] [Subscription] [Fast Unsubscribe] [User Settings]
