Absolutely.  I'm not a security hawk and tend not to get too out of
control with locking things down, but I do like to create a user with
only those privileges required to execute the application
functionality (and, of course, only the database or databases required
by the app).  I then supply that un/pwd to the CF Administrator.

Like I said, it's not completely locked down and I know that, but it's
enough to do what I need it to do - limit my exposure.  Whatever you
do, make sure you stop using "sa".  That has the potential to end
really badly for you.  :-)

On 3/14/07, Robert Rawlins - Think Blue
<[EMAIL PROTECTED]> wrote:
> Hello Guys,
>
> My DSN doesn't currently require a username and password, just the DSN will
> do. Now I've read a few 'best practices' and security type documents in the
> past and they've always stated that my DSN should require a username and
> password to keep it nice and secure.
>
> Now, my database requires a password to connect to it, and I place these
> into my ColdFusion admin panel, is it simply a case of leaving this setting
> blank in the admin panel and then passing those settings along in my query?
>
> I'm running at the moment with the 'sa' user whilst in development, which is
> scaring me a little, should I be creating a special 'ColdFusion' user for
> SQL Server giving specific features? On my DSN I've set the restricted
> query types so it can't create or drop entire tables as the app will never
> have to do this. If I need to create a separate user then what's the best
> way of achieving this, what settings should I be using for the user as far
> as their privileges are concerned?
>
> Thanks for any advice on this guys,
>
> Rob
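
The setup described in the reply above (a dedicated login limited to the application's database and to the operations the app performs, in place of "sa"), sketched in T-SQL as an added example that is not part of the original thread. The names AppDb, cf_app_login, cf_app and cf_app_role and the password placeholder are assumptions.

```sql
-- Added example. AppDb, cf_app_login, cf_app and cf_app_role are hypothetical names.
-- Run as an administrator (SQL Server Management Studio or sqlcmd).

-- 1. Server-level login with no server roles, so it carries none of the
--    sysadmin rights that 'sa' has.
CREATE LOGIN cf_app_login
    WITH PASSWORD = '<replace-with-generated-password>',  -- placeholder
         CHECK_POLICY = ON,
         DEFAULT_DATABASE = AppDb;
GO

USE AppDb;
GO

-- 2. Map the login to a user in the application database only. The login
--    has no user in any other database, so it cannot work in them.
CREATE USER cf_app FOR LOGIN cf_app_login;

-- 3. Put the permissions on a role, then add the user to it. Only data
--    operations are granted; no CREATE, ALTER or DROP rights.
CREATE ROLE cf_app_role;
GRANT SELECT, INSERT, UPDATE, DELETE ON SCHEMA::dbo TO cf_app_role;
GRANT EXECUTE ON SCHEMA::dbo TO cf_app_role;  -- omit if the app calls no stored procedures
-- ALTER ROLE ... ADD MEMBER needs SQL Server 2012 or later; on older
-- versions use: EXEC sp_addrolemember 'cf_app_role', 'cf_app';
ALTER ROLE cf_app_role ADD MEMBER cf_app;
GO

-- 4. Check the result: server-role membership of the login, then the
--    effective permissions as seen by the application user itself.
SELECT IS_SRVROLEMEMBER('sysadmin', 'cf_app_login') AS is_sysadmin;

EXECUTE AS USER = 'cf_app';
SELECT
    HAS_PERMS_BY_NAME('dbo', 'SCHEMA', 'SELECT')             AS can_select,
    HAS_PERMS_BY_NAME('dbo', 'SCHEMA', 'ALTER')              AS can_alter_schema,
    HAS_PERMS_BY_NAME(DB_NAME(), 'DATABASE', 'CREATE TABLE') AS can_create_table;
REVERT;
GO
```

The login name and password from step 1 are what go into the data source settings in the CF Administrator.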

Archive: 
http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:272642