> Can anybody tell me the most glaring security holes associated with CF, in
> particular CFFILE? People have been hacking some sites of mine and I think

Do you restrict the file types that can be uploaded (via the CFFILE
attribute)?

Do you pass the path to the file once it's been uploaded as a URL variable
or a form field so that someone could either (i) view them or (ii) edit
them?


-- 
Aidan Whitehall <[EMAIL PROTECTED]>
Macromedia ColdFusion Developer
Fairbanks Environmental +44 (0)1695 51775
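
The two checks raised in the reply above, sketched in CFML as an added example that is not part of the original message or anyone's production code. The upload directory, the form field `userFile`, the `url.name` parameter and the extension list are assumptions.

```cfml
<!--- Added example. uploadDir, the form field "userFile", url.name and the
      extension list are assumptions, not values from the thread. --->
<cfset uploadDir  = "D:\data\uploads"> <!--- assumed path outside the web root --->
<cfset allowedExt = "jpg,jpeg,png,gif,pdf">

<!--- 1. Upload: restrict types, then re-check what was actually written. --->
<cfif structKeyExists(form, "userFile") and len(form.userFile)>
  <cftry>
    <cffile action="upload" filefield="userFile" destination="#uploadDir#"
            accept="image/jpeg,image/png,image/gif,application/pdf"
            nameconflict="makeunique">
    <cfcatch type="any">
      <cfabort showerror="Upload rejected.">
    </cfcatch>
  </cftry>
  <!--- accept can depend on the MIME type the client declares, so also
        check the extension of the saved file and delete it on mismatch. --->
  <cfif not listFindNoCase(allowedExt, cffile.serverFileExt)>
    <cffile action="delete" file="#cffile.serverDirectory#\#cffile.serverFile#">
    <cfabort showerror="File type not allowed.">
  </cfif>
</cfif>

<!--- 2. Download: never use a client-supplied path. Accept a bare file name only. --->
<cfif structKeyExists(url, "name")>
  <cfset name = url.name>
  <cfif reFind("[^A-Za-z0-9._-]", name) or find("..", name)
        or not listFindNoCase(allowedExt, listLast(name, "."))
        or not fileExists(uploadDir & "\" & name)>
    <cfheader statuscode="404" statustext="Not Found">
    <cfabort>
  </cfif>
  <cfheader name="Content-Disposition" value="attachment; filename=#name#">
  <cfcontent type="application/octet-stream" file="#uploadDir#\#name#" deletefile="no">
</cfif>
```

Storing uploads outside the web root means a file that slips past the type check still cannot be requested, and so executed, directly by URL.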

