But, in a shared hosting environment it's also easy to impersonate
other's Application scope by just putting a CFAPPLICATION tag with the
same name.
The only truly secure way to run CF on a shared server is to have
multiple instances of CF -- but, that is typically resource prohibitive.
At some level, you get what you paid for -- shared hosting is not what
someone should be using if security is a paramount concern. It's easy
for me to read and write any file that CF has access to (in my
experience, this is usually every file within the web root, at least --
on one of the shared hosts I've used the mail was stored on the same
machine as the CF, so I could, if I so desired, read the email of any
account on the machine with a few lines of CFML).
I've been running on shared hosts for many years without any problems,
and given the many thousands of CF sites that do the same without
widespread problems reported I guess that at some level there is a live
and let live social contract at play here. It's actually a testament to
how rare "black" hacking is that we don't hear more about this -- with a
single script you could 0wn every home page of every site on a shared
server (and I bet at most be impossible to track), yet we don't hear
about that happening (don't get any ideas ;)
- Nathan
Joseph Flanigan wrote:
There is a security problem / use problem with CF's Data Source Name.
When a DSN is put into the administrator with account and password, the
DSN becomes available to all applications on the server. In a shared
hosting environment, DSN are very easy to discover. This means untrusted
users can compromise any shared user.
The current security strategy is to not use accounts and passwords in
the admin but to put in the application with every cfquery. This
strategy cases other programming and connection programs.
I would like to see another level of DSN support at application scope.
Still use the strategy of no accounts and passwords in the administrator
at server scope, but put a new DSN that runs at the application scope
which has the account and password. Or leave the account and password
in the server scope but with a constraint bound to application scope.
Joseph
-----------------------------------------------------------------------
http://www.switch-box.org/CFSQLTool/Download/
Switch_box MediaFirm, Inc.
www.Switch-box.org Loveland, CO USA
----------------------------------------------------------
You are subscribed to cfcdev. To unsubscribe, send an email to
[email protected] with the words 'unsubscribe cfcdev' as the subject of
the email.
CFCDev is run by CFCZone (www.cfczone.org) and supported by CFXHosting
(www.cfxhosting.com).
CFCDev is supported by New Atlanta, makers of BlueDragon
http://www.newatlanta.com/products/bluedragon/index.cfm
An archive of the CFCDev list is available at
www.mail-archive.com/[email protected]
----------------------------------------------------------
You are subscribed to cfcdev. To unsubscribe, send an email to
[email protected] with the words 'unsubscribe cfcdev' as the subject of the
email.
CFCDev is run by CFCZone (www.cfczone.org) and supported by CFXHosting
(www.cfxhosting.com).
CFCDev is supported by New Atlanta, makers of BlueDragon
http://www.newatlanta.com/products/bluedragon/index.cfm
An archive of the CFCDev list is available at
www.mail-archive.com/[email protected]
