If a shared hosting environment uses the proper level of licencing for their CF install then they can sandbox things like this away from multiple accounts on the same instance of CF (or so I have been told in the past by MM staff). Also, running the Enterprise version of CF as a J2EE app, should allow multiple instances of CF on one server (
i.e. one instance of CF per customer). Mind you, I dont know what the impact would then be on licencing.
The problem (if it exists in a shared hosting environment) is that they are not running a high enough level of CF (or dont know how to set it up properly).
So - one of the possible solutions (rather than changing the way CF works, or the way you write code) is to have the hosting provider ramp up their CF offerings (which will probably cost more money for those people paying for the account).
As far as CFTRANSACTION is concerned....... it's a simple tag, it does what BEGIN TRANSACTION and END TRANSACTION do in SQL. I don't think it needs to be documented any more than it is. I use it when I have to (i.e
. multiple SQL calls that all need to roll back if one fails) and dont use it when I dont have to.
On 6/13/05, Joseph Flanigan <[EMAIL PROTECTED]> wrote:
What does "this" refer to?
Do you mean that making DSN without account and passwords causes
cftransaction to fail? If that is case, perhaps Macromedia should review
the architecture.
( I never use cftransaction because it has poor documentation. I know
Cornfied and others brag about it, but I do not consider it a best practice
tag. cfinsert and cfupdate fall into this category as well.)
Joseph
At 02:15 PM 6/12/2005, you wrote:
>This prevents you from using CFTransactions, since CFTransaction runs based
>on the credentials stored in the CFAdmin. It doesn't always tell you it's
>failing though!
>
>Roland
>
>-----Original Message-----
>From: [EMAIL PROTECTED] [mailto: [EMAIL PROTECTED]] On Behalf
>Of Joseph Flanigan
>Sent: Sunday, June 12, 2005 4:42 AM
>To: [email protected]
>Subject: [CFCDev] Application Data Source Names
>
>There is a security problem / use problem with CF's Data Source Name.
>
>When a DSN is put into the administrator with account and password, the DSN
>becomes available to all applications on the server. In a shared hosting
>environment, DSN are very easy to discover. This means untrusted users can
>compromise any shared user.
>
>The current security strategy is to not use accounts and passwords in the
>admin but to put in the application with every cfquery. This strategy cases
>other programming and connection programs.
>
>I would like to see another level of DSN support at application scope.
>
>Still use the strategy of no accounts and passwords in the administrator at
>server scope, but put a new DSN that runs at the application scope which
>has the account and password. Or leave the account and password in the
>server scope but with a constraint bound to application scope.
>
>Joseph
>
>-----------------------------------------------------------------------
>http://www.switch-box.org/CFSQLTool/Download/
>
>Switch_box MediaFirm, Inc.
>www.Switch-box.org Loveland, CO USA
>
>
>
>----------------------------------------------------------
>You are subscribed to cfcdev. To unsubscribe, send an email to
>[email protected] with the words 'unsubscribe cfcdev' as the subject of the
>email.
>
>CFCDev is run by CFCZone ( www.cfczone.org) and supported by CFXHosting
>(www.cfxhosting.com).
>
>CFCDev is supported by New Atlanta, makers of BlueDragon
>http://www.newatlanta.com/products/bluedragon/index.cfm
>
>An archive of the CFCDev list is available at
> www.mail-archive.com/[email protected]
>
>
>
>
>
>
>
>----------------------------------------------------------
>You are subscribed to cfcdev. To unsubscribe, send an email to
>[email protected] with the words 'unsubscribe cfcdev' as the subject of
>the email.
>
>CFCDev is run by CFCZone (www.cfczone.org ) and supported by CFXHosting
>(www.cfxhosting.com).
>
>CFCDev is supported by New Atlanta, makers of BlueDragon
> http://www.newatlanta.com/products/bluedragon/index.cfm
>
>An archive of the CFCDev list is available at
>www.mail-archive.com/[email protected]
-----------------------------------------------------------------------
http://www.switch-box.org/CFSQLTool/Download/
Switch_box MediaFirm, Inc.
www.Switch-box.org Loveland, CO USA
----------------------------------------------------------
You are subscribed to cfcdev. To unsubscribe, send an email to [email protected] with the words 'unsubscribe cfcdev' as the subject of the email.
CFCDev is run by CFCZone (www.cfczone.org) and supported by CFXHosting ( www.cfxhosting.com).
CFCDev is supported by New Atlanta, makers of BlueDragon
http://www.newatlanta.com/products/bluedragon/index.cfm
An archive of the CFCDev list is available at www.mail-archive.com/[email protected]
----------------------------------------------------------
You are subscribed to cfcdev. To unsubscribe, send an email to [email protected] with the words 'unsubscribe cfcdev' as the subject of the email.
CFCDev is run by CFCZone (www.cfczone.org) and supported by CFXHosting (www.cfxhosting.com).
CFCDev is supported by New Atlanta, makers of BlueDragon
http://www.newatlanta.com/products/bluedragon/index.cfm
An archive of the CFCDev list is available at www.mail-archive.com/[email protected]
