> > Hashing your app name isn't going to protect you from
> > others on a shared server from looking in on you:
> >
> > <!--- application tracker object --->
> > <cfset appObj =
> > createObject("java","coldfusion.runtime.ApplicationScopeTracker")>
>
> But sandbox security can turn that off...
Well, yes, assuming that CFML code is your only route of attack. However,
don't most shared hosting providers typically let you run all sorts of code
other than CF? I think your best advice was what you said later in the
thread - don't expect too much security on a shared server unless you're
using server virtualization.
Dave Watts, CTO, Fig Leaf Software
http://www.figleaf.com/
Fig Leaf Software provides the highest caliber vendor-authorized
instruction at our training centers in Washington DC, Atlanta,
Chicago, Baltimore, Northern Virginia, or on-site at your location.
Visit http://training.figleaf.com/ for more information!
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~|
Discover CFTicket - The leading ColdFusion Help Desk and Trouble
Ticket application
http://www.houseoffusion.com/banners/view.cfm?bannerid=48
Message: http://www.houseoffusion.com/lists.cfm/link=i:4:204120
Archives: http://www.houseoffusion.com/cf_lists/threads.cfm/4
Subscription: http://www.houseoffusion.com/lists.cfm/link=s:4
Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
Donations & Support: http://www.houseoffusion.com/tiny.cfm/54
