This depends what permissions your cf setvice runs under, if you jusy installed as default then cf has full system access via java.
Regards Russ Michaels On Sep 19, 2012 11:53 PM, "Chris" <[email protected]> wrote: > > So ... a client wants to know just how risky it is to temporarily > allow java.security.AllPermission ? > > It's clear it's not good, but how bad is it? What exactly could > someone do to a server that's behind firewalls and load balancers? > > thanks, > Chris > > Here's what they're asking about enabling: > \Jrun4\lib\jrun.policy > // to grant wide-open security access to all code, uncomment this line > // permission java.security.AllPermission; > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Order the Adobe Coldfusion Anthology now! http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:352672 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm
