We always agree... we just pretend like we at each other's throats for the entertainment of the list.
Matt Liotta President & CEO Montara Software, Inc. http://www.montarasoftware.com/ V: 415-577-8070 F: 415-341-8906 P: [EMAIL PROTECTED] > -----Original Message----- > From: Craig Thomas [mailto:[EMAIL PROTECTED]] > Sent: Thursday, July 18, 2002 6:15 PM > To: CF-Talk > Subject: RE: filesystem security (was: Idea Incubator - javax.imageio.Imag > eReader) > > Holy s$%# Batman! did Dave and Matt just agree!? > > > >>-----Original Message----- > >>From: Matt Liotta [mailto:[EMAIL PROTECTED]] > >>Sent: Thursday, July 18, 2002 7:39 PM > >>To: CF-Talk > >>Subject: RE: filesystem security (was: Idea Incubator - > >>javax.imageio.Imag eReader) > >> > >> > >>I certainly agree and have stated so in other threads. The virtual > >>machine image concept is finally starting to go somewhere. It is now > >>possible to easily host many different Linux images on the same > >>hardware. IBM also offers this kind of setup on its mainframes. > >>Although, the costs of hardware are making this setup less cost > >>effective. For example, RLX makes a blade chassis that can accommodate > >>24 blades in 3 U of space. With each blade costing around $1500 a piece, > >>a rack full of blades is a much better deal than a mainframe. > >> > >>Matt Liotta > >>President & CEO > >>Montara Software, Inc. > >>http://www.montarasoftware.com/ > >>V: 415-577-8070 > >>F: 415-341-8906 > >>P: [EMAIL PROTECTED] > >> > >>> -----Original Message----- > >>> From: Dave Watts [mailto:[EMAIL PROTECTED]] > >>> Sent: Thursday, July 18, 2002 4:38 PM > >>> To: CF-Talk > >>> Subject: RE: filesystem security (was: Idea Incubator - > >>javax.imageio.Imag > >>> eReader) > >>> > >>> > I think this brings up interesting security issues for > >>> > virtual hosting companies. In this case, accessing files > >>> > with IE would be done using the application server's user. > >>> > Thus enabling all of the virtual users to see each other's > >>> > files since there is only a single application server. > >>> > >>> Well, personally, I've always thought that secure shared hosting was > >>> always > >>> pretty much a lost cause. I think that the only reasonably safe > >>approach > >>> is > >>> to use virtual machines - something like VMware's GSX server, for > >>example. > >>> While Jochem's setup is probably safe enough for most people, I doubt > >>that > >>> many shared hosting providers go to that extreme. It just seems like > >>too > >>> much trouble to me, but maybe I'm just too lazy. And when you start > >>using > >>> CF > >>> in virtual machines, I suspect you might need one license for each VM, > >>> which > >>> might be a bit expensive. > >>> > >>> I do remember the "old days", though, when a web server administrator > >>was > >>> expected to read every CGI script to ensure that it didn't do anything > >>> bad. > >>> > >>> Dave Watts, CTO, Fig Leaf Software > >>> http://www.figleaf.com/ > >>> voice: (202) 797-5496 > >>> fax: (202) 797-5444 > >>> > >> > ______________________________________________________________________ This list and all House of Fusion resources hosted by CFHosting.com. The place for dependable ColdFusion Hosting. FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists