> Bobby is right. The userid and password in the code > will override the DSN. Just put in a dummy user name > and password.in the DSN if you must have one. > The DSN won't verify but so what?
Without sandboxing, this can actually be worse than having the DSN available to anyone on the server (not saying this is true in all cases, but a possibility). Now not only can anyone else on the server still access your data, they would have access to your credentials. If the host hasn't enabled sandboxing, chances are anyone on the server can use CFDIRECTORY and CFFILE to just crawl through the server and make copies of everyone's code which would now include your database username and password, so the DSN security is really the least of your concerns in this situation. -Justin Scott ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Adobe® ColdFusion® 8 software 8 is the most important and dramatic release to date Get the Free Trial http://ad.doubleclick.net/clk;203748912;27390454;j Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:312523 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4