In general, you DON'T want the user that CF runs as to have write access to itself. If it does, then a malicious script could delete the runtime. Certain portions have to be accessible (like log files, the Mail spool, etc.), but most of it should be read only.
cheers, barneyb On 9/4/07, Brad Wood <[EMAIL PROTECTED]> wrote: > Tell you what... let's say CF runs as a user called "cfmx" (enter > whatever user you use here). You want a user cfadmin to be able to edit > the files as well. > > Do this: > Add your cfadmin user into a cfadmin group (done automatically on OS's > like Redhat I believe). Then do chown -R cfmx:cfadmin > /opt/coldfusionmx7/ (or whatever your root CF directory is). Now all > the files belong to the cfmx user and the cfadmin group. > > Now, chmod -R g+w /opt/coldfusionmx7/ etc... so the group has read, > write, and execute permissions. > > This way the user that CF runs as has full control of the files, and so > does any user in the cfadmin group. > > ~Brad -- Barney Boisvert [EMAIL PROTECTED] http://www.barneyb.com/ Got Gmail? I have 100 invites. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Enterprise web applications, build robust, secure scalable apps today - Try it now ColdFusion Today ColdFusion 8 beta - Build next generation apps Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:287742 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
