Thanks for that, Dana, it's greatly appreciated. I had set my new users to datareader and datawriter as well as removing any further access using the ColdFusion admin panel, and everything seems to be working just fine. I'll be sure to check around for those documents.
Thanks,
Rob

-----Original Message-----
From: Dana Kowalski [mailto:[EMAIL PROTECTED]
Sent: 14 March 2007 14:15
To: CF-Talk
Subject: Re: Password Protect My DSN

One of the reasons to password protect your DSN in code vs administrator is on a shared host the ability for someone to compromise your administrator if the host isn't diligent about it. Another reason is to not allow someone else on your virtual host to maliciously access your data source without providing credentials.

As far as locking it down... there are a lot of routes to go. If you search for security checklists by MIST, DISA, DoS etc. you'll find some Govt. type ones, probably, that will give you an idea. Obviously as said, never use the SA acct.

Another couple good ones:

- In your CF admin data source, remove the ability (under advanced) to create, alter, drop, grant, and revoke (obviously as long as your application doesn't need to make table structural or permission modifications).
- In SQL Server there is a public role assigned to a lot of things. If you are using a created, authenticated user, you can typically remove this public role without any harm to your database/application.
- The user you create in SQL for ColdFusion typically only needs datareader and datawriter access to the database (again depending on the application requirements). Most times a basic app won't need anything else.
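The account setup discussed in this thread, as an added T-SQL example that is not part of either message: it creates a dedicated login for the ColdFusion DSN, grants only the datareader and datawriter roles, and then audits what the account and the public role can actually do. The names `AppDb` and `cf_app` and the password are placeholders assumed for illustration.

```sql
-- Assumed names: AppDb (application database), cf_app (login/user for the DSN).
USE [master];
CREATE LOGIN [cf_app]
    WITH PASSWORD = N'<replace-with-a-strong-password>', CHECK_POLICY = ON;
GO

USE [AppDb];
CREATE USER [cf_app] FOR LOGIN [cf_app];
-- Read and write table data only; no DDL, no permission management.
-- (On versions before SQL Server 2012, use sp_addrolemember instead.)
ALTER ROLE [db_datareader] ADD MEMBER [cf_app];
ALTER ROLE [db_datawriter] ADD MEMBER [cf_app];
GO

-- 1. Database roles held by cf_app: expect exactly the two roles above.
SELECT r.name AS role_name
FROM sys.database_role_members AS m
JOIN sys.database_principals AS r ON r.principal_id = m.role_principal_id
JOIN sys.database_principals AS u ON u.principal_id = m.member_principal_id
WHERE u.name = N'cf_app';

-- 2. The login must not be a server administrator: expect 0.
SELECT IS_SRVROLEMEMBER(N'sysadmin', N'cf_app') AS is_sysadmin;

-- 3. Explicit grants to cf_app and to public in this database, for review.
SELECT p.name AS grantee, dp.state_desc, dp.permission_name, dp.class_desc,
       CASE WHEN dp.class = 1 THEN OBJECT_NAME(dp.major_id) END AS object_name
FROM sys.database_permissions AS dp
JOIN sys.database_principals AS p ON p.principal_id = dp.grantee_principal_id
WHERE p.name IN (N'cf_app', N'public')
ORDER BY p.name, dp.permission_name;

-- 4. Effective rights, checked while impersonating the account: expect 0 and 0.
EXECUTE AS USER = N'cf_app';
SELECT HAS_PERMS_BY_NAME(DB_NAME(), N'DATABASE', N'CREATE TABLE') AS can_create_table,
       HAS_PERMS_BY_NAME(DB_NAME(), N'DATABASE', N'CONTROL')      AS has_db_control;
REVERT;
```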

