Random quick Q.
I'm the office CF guy, but I've been off playing with other things for
the last year or so - and haven't touched CFMX 7.0 at all yet. Are
factory services in CFMX 7 securable - IE, in a shared hosting
environment - can we stop random users from running
<CFSCRIPT>
factory=createObject("java", "coldfusion.server.ServiceFactory");
sqlFactory=factory.DataSourceService;
</cfscript>
<cfdump var=#sqlfactory.getdatasources()#>
and grabbing a list of every stored DSN password on the server? Or is
it still a case of all dsn information stored in the administrator
should be considered public to anybody who can run code on the server,
regardless of sandboxing?
Cheers
Sean Bucklar
[EMAIL PROTECTED]
---
You are currently subscribed to cfaussie as: [email protected]
To unsubscribe send a blank email to [EMAIL PROTECTED]
Aussie Macromedia Developers: http://lists.daemon.com.au/
