Re: Securing Datasources

2007-06-14 Thread Gert Franz
Just define a user with readonly rights to the database or even less. Then use this username to create the datasource. After that you need to use username and password in your cfquery tags. Why is this a problem for you? Do you want to secure several different datasources from being accessed by

Re: Securing Datasources

2007-06-14 Thread Casey Dougall
On 6/14/07, Robert Rawlins - Think Blue [EMAIL PROTECTED] wrote: Hello Guys, however, how do I have it so the username and password must be supplied in my cfquery or stored proc tags? I'm not sure if this makes any difference, but the SQL Server and the CF are running on the same box and

RE: Securing Datasources

2007-06-14 Thread Robert Rawlins - Think Blue
. Thanks again guys, Rob -Original Message- From: Casey Dougall [mailto:[EMAIL PROTECTED] Sent: 14 June 2007 12:02 To: CF-Talk Subject: Re: Securing Datasources On 6/14/07, Robert Rawlins - Think Blue [EMAIL PROTECTED] wrote: Hello Guys, however, how do I have it so the username

RE: Securing Datasources

2007-06-14 Thread Dave Watts
I'm looking to get some advice on securing my datasource as much as possible. I'm looking for some advice on the data source, I'm changing the allowed functions of the datasource to SELECT, UPDATE and INSERT only to stop things being dropped, however, how do I have it so the username

RE: Securing Datasources

2007-06-14 Thread Robert Rawlins - Think Blue
[mailto:[EMAIL PROTECTED] Sent: 14 June 2007 12:15 To: CF-Talk Subject: RE: Securing Datasources I'm looking to get some advice on securing my datasource as much as possible. I'm looking for some advice on the data source, I'm changing the allowed functions of the datasource to SELECT, UPDATE

RE: Securing Datasources

2007-06-14 Thread Dave Watts
Thanks for that mate, I know there are bigger security fish to fry when working on the same box but unfortunately this setup works better for my budget at the moment, give it 6 months and I'll have grown out of it. Deciding whether to store passwords in the CF Administrator vs CFQUERY tags

Re: Securing Datasources

2007-06-14 Thread Gert Franz
I disagree a little on that. Since if you store the password in the CF admin, every application on the server can access the datasource with the necessary rights. Whereas when you use username and password inside cfquery, at least the different web applications can not access all datasources

RE: Securing Datasources

2007-06-14 Thread Robert Rawlins - Think Blue
on where the details are stored. Thanks guys, Rob -Original Message- From: Dave Watts [mailto:[EMAIL PROTECTED] Sent: 14 June 2007 13:42 To: CF-Talk Subject: RE: Securing Datasources Thanks for that mate, I know there are bigger security fish to fry when working on the same box

RE: Securing Datasources

2007-06-14 Thread Dave Watts
Lol, Hilarious analogy, is it really -THAT- bad having them on the same box? Yes. Your database can be directly accessed from the shell. The database files can be accessed directly. Dave Watts, CTO, Fig Leaf Software http://www.figleaf.com/ Fig Leaf Software provides the highest caliber

RE: Securing Datasources

2007-06-14 Thread Dave Watts
I disagree a little on that. Since if you store the password in the CF admin, every application on the server can access the datasource with the necessary rights. Whereas when you use username and password inside cfquery, at least the different web applications can not access all

RE: Securing Datasources

2007-06-14 Thread Robert Rawlins - Think Blue
: Dave Watts [mailto:[EMAIL PROTECTED] Sent: 14 June 2007 14:58 To: CF-Talk Subject: RE: Securing Datasources Lol, Hilarious analogy, is it really -THAT- bad having them on the same box? Yes. Your database can be directly accessed from the shell. The database files can be accessed directly. Dave

RE: Securing Datasources

2007-06-14 Thread Dave Watts
Ok well that's well worth knowing Dave, thanks. How can I best protect my shell? The server has a pretty tidy firewall on it, albeit a shared one, the server also isn’t used for anything other than the db and serving my ColdFusion apps and email. The only way to protect the database

Re: Securing Datasources

2007-06-14 Thread Dinner
On 6/14/07, Dave Watts wrote: The only way to protect the database server from being vulnerable to successful exploits against your web server is to put it on a separate machine. And even then it's not really protected. /Maybe/ it's more protected, but man, there are a million links in the