>> ignore a public facing server, you are asking for trouble We all have public facing applications, including banks, CIA, FBI, etc, simply protected by a password, but we usually do not have undocumented backdoors ;-) If the CF administrator dindn't have this undocumented function allowing to bypass the password, it would have been secure enough the way it was in CFIDE and there would have been no need for the installer to install it anywhere else.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Order the Adobe Coldfusion Anthology now! http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:358126 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm