Ben, Thanks for the suggestion! Are you restricting the file access at the web server level, or in CF? If in CF, are you testing for the file name in CGI scope to deny access?
>We store ours in a CF struct: > >DSN = StructNew(); >DSN.Source = "" >DSN.Username = "" >DSN.Password = "" > > >And then we use that in the queries. We put that in a file that starts with >an "_" and then we deny any access to files that start with an "_" so people >can access it by some means. > >My boss is a stickler for security and he is cool with it. Just make sure >you never dump it out to screen anywhere and you should be good. We have >never had a problem. > >You could maybe go further if you are worried and make then private >variables inside a DSN coldfusion component. That way, they wouldn't even be >able to be seen in a dump. Then use getters for values: DSN.GetSource(), >DSN.GetPassword(), etc. > >But that is probably overkill. > >...................... >Ben Nadel >Web Developer >Nylon Technology >6 West 14th Street >New York, NY 10011 >212.691.1134 >212.691.3477 fax >www.nylontechnology.com > >"Vote for Pedro" > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Discover CFTicket - The leading ColdFusion Help Desk and Trouble Ticket application http://www.houseoffusion.com/banners/view.cfm?bannerid=48 Message: http://www.houseoffusion.com/lists.cfm/link=i:4:227156 Archives: http://www.houseoffusion.com/cf_lists/threads.cfm/4 Subscription: http://www.houseoffusion.com/lists.cfm/link=s:4 Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4 Donations & Support: http://www.houseoffusion.com/tiny.cfm/54
