I have security concern about ColdFusion DNSs. I have created a CF DSN for a MS SQL Database using CF Admin. When we create DSN it asks for username and password of the database.
Now I can access this DSN in my scripts without database username & password so that means if I am on shared hosting server than I can access any of the database using DSN even without knowing the database username and password. All I need to know is the DSN name. and if I can do this than I can do anything with the database hosted on that server. I have tested it and I can confirm what I have mentioned. The thing is how can I avoid this? Any comments? ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Adobe® ColdFusion® 8 software 8 is the most important and dramatic release to date Get the Free Trial http://ad.doubleclick.net/clk;203748912;27390454;j Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:312496 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
