use sandboxes. If you're still running CF5 this might work:
http://www.intrafoundation.com/ihtk/secFile/
Granted that's for Windows and I'm coming into the middle of the
conversation and don't know what os you're using. You can also google
search for "cfx_file" and "cfx_directory".
hth
s. isaac dealey 954.927.5117
new epoch : isn't it time for a change?
add features without fixtures with
the onTap open source framework
http://www.sys-con.com/story/?storyid=44477&DE=1
>>I'm not sure user-space code should be calling templates
>>in the CFIDE
>>directory ...
> Thanks for the reply, Tom. Ultimately, what we're trying
> to do, per this article from ColdFusion Developer's
> Journal
> <http://www.sys-con.com/coldfusion/article.cfm?id=404>, is
> put in place a work-around to allow limited access to
> CFFILE and other restricted tags on a server where they
> are disabled. By default, CFIDE\Administrator is the
> Unrestricted Tags Directory and the idea is that placing a
> carefully written tag there, one that only allows file
> uploads to be saved to the user's own directory, for
> example, would allow developers limited access to CFFILE
> while minimizing the security risks associated with the
> tag. It works great locally, but as soon as we try
> running it on the server, it can't even find the template,
> even though it's been properly mapped.
> Cases match in all places, so even if it is
> case-sensitive, that's not what's causing the problem.
> ~M
[Todays Threads] [This Message] [Subscription] [Fast Unsubscribe] [User Settings] [Donations and Support]
