Sure, but we are talking about security of shared hosting here even if the subject of the email is wrong. If you are attempting to exploit a server and only know CFML; you're kinda fucked!
-Matt On Wednesday, September 3, 2003, at 02:36 PM, John Wilker wrote: > People who don't know Java :) > > -----Original Message----- > From: Matt Liotta [mailto:[EMAIL PROTECTED] > Sent: Wednesday, September 03, 2003 11:22 AM > To: CF-Talk > Subject: Re: DWMX 2004 - Whats new for us? > > > Who needs cffile or cfdirectory when you can use use java.io.File? > > -Matt > > On Wednesday, September 3, 2003, at 02:12 PM, Doug White wrote: > >> Most Shared providers disable CFFILE and CFDIRECTORY anyway >> >> ====================================== >> Stop spam on your domain, use our gateway! >> For hosting solutions http://www.clickdoug.com >> Featuring Win2003 Enterprise, RedHat Linux, CFMX 6.1 and all >> databases. ISP rated: http://www.forta.com/cf/isp/isp.cfm?isp_id=772 >> Suggested corporate Anti-virus policy: >> http://www.dshield.org/antivirus.pdf >> ====================================== >> If you are not satisfied with my service, my job isn't done! >> >> ----- Original Message ----- >> From: "Ryan Kime" <[EMAIL PROTECTED]> >> To: "CF-Talk" <[EMAIL PROTECTED]> >> Sent: Wednesday, September 03, 2003 11:29 AM >> Subject: RE: DWMX 2004 - Whats new for us? >> >> >> | >I used the word "free".....they use the word "included" >> | >> | Semantics, I know, but here is the page I am referring to: >> | >> | http://www.uniserve.com/bus/usa/web/rates_glance.php?c=nt >> | >> | >> | >Why should they use Enterprise if it's not required (i.e. >> clustering/load >> | balancing etc.). >> | >> | Hmmmm...maybe to keep other people from using your database >> connections and >> | your custom tags. Plus keep the general population on the server >> from using >> | cfdirectory/cffile outside their account's root. That's enough to >> make me >> | look elsewhere. >> | >> | >> | -----Original Message----- >> | From: Bryan Stevenson [mailto:[EMAIL PROTECTED] >> | Sent: Wednesday, September 03, 2003 11:07 AM >> | To: CF-Talk >> | Subject: Re: DWMX 2004 - Whats new for us? >> | >> | >> | Well Ryan they are absolutely great and in 5 years I have never had >> a CF >> | related problem that wasn't fixed within 15 minutes of it being >> found (and I >> | can count how many issues on one hand). >> | >> | I used the word "free".....they use the word "included". >> | >> | Why would you "run away" if they are using Pro/Standard? Why should >> they >> | use Enterprise if it's not required (i.e. clustering/load balancing >> etc.). >> | >> | These guys are a national ISP and can easily absorb the cost of the >> | software....that's how. >> | >> | Cheers >> | >> | Bryan Stevenson B.Comm. >> | VP & Director of E-Commerce Development >> | Electric Edge Systems Group Inc. >> | t. 250.920.8830 >> | e. [EMAIL PROTECTED] >> | >> | --------------------------------------------------------- >> | Macromedia Associate Partner >> | www.macromedia.com >> | --------------------------------------------------------- >> | Vancouver Island ColdFusion Users Group >> | Founder & Director >> | www.cfug-vancouverisland.com >> | ----- Original Message ----- >> | From: "Ryan Kime" <[EMAIL PROTECTED]> >> | To: "CF-Talk" <[EMAIL PROTECTED]> >> | Sent: Wednesday, September 03, 2003 8:13 AM >> | Subject: RE: DWMX 2004 - Whats new for us? >> | >> | >> | > "There's no such thing as a free lunch" >> | > >> | > I would be leery of *free* CF and SQL Server, both of those cost a >> | > pretty penny and are not easy to cover without passing some of the >> | > cost on to customers. It also makes me wonder why they use the >> | > term "FREE" and not "included" when describing their plans. >> | > >> | > Which version of CF are they using? If it's Pro/Standard and not >> | Enterprise, >> | > don't walk, but run away as fast as you can. >> | > >> | > Ryan >> | > >> | > -----Original Message----- >> | > From: Bryan Stevenson [mailto:[EMAIL PROTECTED] >> | > Sent: Wednesday, September 03, 2003 9:55 AM >> | > To: CF-Talk >> | > Subject: Re: DWMX 2004 - Whats new for us? >> | > >> | > >> | > Hey All, >> | > >> | > Just thought I'd chime in here. >> | > >> | > I've seen a lot of folks mentioning BlueDragon and how it may >> | > bring down hosting costs for CF. Well I'm not sure about the US, >> | > but CF >> is >> | > starting >> | to >> | > be offered for NO EXTRA CHARGE up here in Canada. >> | > >> | > www.uniserve.com for example (and there are others). >> | > >> | > NT Hosting with SQL Server 2000 and CFMX in a shared environment >> for >> | > about $35 CDN/month and they rock!! I've used the company they >> | > recently >> | acquired >> | > (Axion Internet) for the past 5 years and the service only got >> better >> | after >> | > the merger. Beleive it or not the SQL Server does not even add >> | > any >> | monthly >> | > cost...just a $25 CDN setup fee!! >> | > >> | > So while BD may help bring other ISPs down to earth.....that move >> is >> | already >> | > happening here ;-) >> | > >> | > Cheers >> | > >> | > Bryan Stevenson B.Comm. >> | > VP & Director of E-Commerce Development >> | > Electric Edge Systems Group Inc. >> | > t. 250.920.8830 >> | > e. [EMAIL PROTECTED] >> | > >> | > --------------------------------------------------------- >> | > Macromedia Associate Partner >> | > www.macromedia.com >> | > --------------------------------------------------------- >> | > Vancouver Island ColdFusion Users Group >> | > Founder & Director >> | > www.cfug-vancouverisland.com >> | > ----- Original Message ----- >> | > From: "Jim Davis" <[EMAIL PROTECTED]> >> | > To: "CF-Talk" <[EMAIL PROTECTED]> >> | > Sent: Tuesday, September 02, 2003 6:54 PM >> | > Subject: RE: DWMX 2004 - Whats new for us? >> | > >> | > >> | > > For me, I wouldn't at the moment just because I'm very happy >> where I >> | > > am (CrystalTech). >> | > > >> | > > However BlueDragon has the definite potential to bring CF >> | > > hosting prices down significantly (one of the complaints I here >> | > > about >> CF) so >> | > > I would really like to see it offered by a few hosts. >> | > > >> | > > As Vince pointed out in a branch from this thread BlueDragon >> | > > also makes excellent sense for somebody that wants to package >> | > > their CF application for use on a server lacking CF (which can >> | > > be in >> either >> | > > J2EE or, soon, .NET). >> | > > >> | > > Although this market has traditionally been very small with CF >> Blue >> | > > Dragon may expand it greatly. >> | > > >> | > > Jim Davis >> | > > >> | > > > -----Original Message----- >> | > > > From: Mike Brunt [mailto:[EMAIL PROTECTED] >> | > > > Sent: Tuesday, September 02, 2003 11:28 AM >> | > > > To: CF-Talk >> | > > > Subject: RE: DWMX 2004 - Whats new for us? >> | > > > >> | > > > There is another question in the whole Bluedragon debate. How >> | > > > many of >> | > > us >> | > > > would move our site(s) to a hosting company using BD instead >> of MM >> | > > > ColdFusion? >> | > > > >> | > > > Kind Regards - Mike Brunt >> | > > > Webapper Services LLC >> | > > > Web Site http://www.webapper.com >> | > > > Blog http://www.webapper.net >> | > > > >> | > > > Webapper <Web Application Specialists> >> | > > > >> | > > > -----Original Message----- >> | > > > From: Jim Davis [mailto:[EMAIL PROTECTED] >> | > > > Sent: Tuesday, September 02, 2003 7:56 AM >> | > > > To: CF-Talk >> | > > > Subject: RE: DWMX 2004 - Whats new for us? >> | > > > >> | > > > > -----Original Message----- >> | > > > > From: Matt Liotta [mailto:[EMAIL PROTECTED] >> | > > > > Sent: Tuesday, September 02, 2003 2:16 AM >> | > > > > To: CF-Talk >> | > > > > Subject: Re: DWMX 2004 - Whats new for us? >> | > > > > >> | > > > > > If your clients are small enough where the cost of CF is >> | > > prohibitive >> | > > > it >> | > > > > > may be likely that the cost of managing an Intranet is >> | > > > > > also >> | > > > prohibitive >> | > > > > > (although they may be doing it anyway and have never done >> | > > > > > a cost analysis). >> | > > > > > >> | > > > > I'll agree with that, but certainly the use of certain >> software >> | > > > > e.g. >> | > > > CF >> | > > > > could be what tips the scale. If that is the case, then a >> | > > > > cheaper implementation of CFML (BlueDragon) can certainly >> help >> | > > > > in that >> | > > regard. >> | > > > >> | > > > It definitely has an effect, but in most cases (and certainly >> not >> | > > > in CF's case) the cost of software is very small compared to >> | > > > maintenance and general infrastructure costs. >> | > > > >> | > > > Even managing a small, single Intranet server using free >> software >> | > > > can >> | > > be >> | > > > (often surprisingly) very costly once you do a full resource >> | > > > map/prediction - especially when extended to the life of the >> | > > > server. >> | > > > >> | > > > All that being said every little bit does help. ;^) If >> software >> | > > costs >> | > > > are lower then you total project costs COULD definitely be >> lower >> | > > > (but often aren't due to other factors not commonly taken into >> | > > > account). >> | > > > >> | > > > > > Many hosting companies are hosting their Intranet at >> "public" >> | > > hosts >> | > > > for >> | > > > > > this reason. There are some hosts that do nothing but >> | > > > > > traditional Intranet applications along with email >> (Exchange >> | > > > > > hosting, for >> | > > > example, >> | > > > > > is pretty common due to the cost and complexity of >> managing an >> | > > > Exchange >> | > > > > > server). >> | > > > > > >> | > > > > That may be, but there are serious issues with outsourcing >> | > > > > internal >> | > > IT >> | > > > > resources externally that many of these companies may not be >> | > > > > aware >> | > > of. >> | > > > > One example of this is that their WAN connection becomes a >> | > > > > single >> | > > > point >> | > > > > of failure. Then of course there are legality issues related >> to >> | > > giving >> | > > > > non-employees access to sensitive data that aren't under >> | > > > > specific consulting agreements, which is the case when your >> | > > > > email is hosted >> | > > by >> | > > > a >> | > > > > 3rd party. >> | > > > >> | > > > All true - this all depends, of course, on how much the >> | > > > company wants >> | > > to >> | > > > spend as well. If you want to get away more cheaply you'll be >> | > > > sacrificing some things. A full "bullet-proof" system will >> always >> | > > cost >> | > > > more. >> | > > > >> | > > > > > No, consider an Intranet with is planned to contain, let's >> | > > > > > say, >> | > > six >> | > > > > > distinct applications (not at all uncommon). My case now >> is >> | > > > > > that >> | > > > each >> | > > > > > of these applications only has to save two hours of >> | > > > > > development >> | > > time >> | > > > > > due >> | > > > > > to CF for it to be just as cost effective as a "free" >> | > > > > > solution. >> | > > > > > >> | > > > > Of course, the case with BlueDragon would only need to save >> one >> | > > > > hour per application. >> | > > > >> | > > > True. I'm not arguing against Blue Dragon but rather the >> concept >> | > > > that software costs (at this level) are major considerations. >> Too >> | > > > many >> | > > times >> | > > > I've heard "we can't afford CF" only to watch a company spends >> | > > thousands >> | > > > more pursuing an untried "free" solution. >> | > > > >> | > > > The problem here is almost always one of training and >> | > > > applicability. >> | > > A >> | > > > company that has great Linux/PostGres/PHP people will, of >> course, >> | > > > use them. But a company looking for a solution often >> gravitates to >> | > > > free software due to cost concerns. >> | > > > >> | > > > Developers are then in the position of learning these tools as >> | > > > they develop - which ends up costing far, far more in the long >> run >> | > > > than setting up, for example, a Windows environment that they >> may >> | > > > have some experience with. >> | > > > >> | > > > For a medium/large company this isn't a problem as the extra >> time >> | > > > can >> | > > be >> | > > > split with R&D/Training and down the road you do gain. But >> | > > > for the >> | > > very >> | > > > small company this often locks them into a money-pit; tying >> them >> | > > > into >> | > > a >> | > > > solution they don't know and resulting either in a failed >> project >> | > > > or >> | > > one >> | > > > that doesn't meet expectations. >> | > > > >> | > > > Many of them are roped in by contractors that claim they can >> "pick >> | > > > up" something easily. My advice to small business is always >> stick >> | > > > with >> | > > what >> | > > > you know and always pay extra for gurus. >> | > > > >> | > > > Jim Davis >> | > > > >> | > > > >> | > > > >> | > > > >> | > > >> | > >> | > >> | >> | >> > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Archives: http://www.houseoffusion.com/lists.cfm?link=t:4 Subscription: http://www.houseoffusion.com/lists.cfm?link=s:4 Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4 This list and all House of Fusion resources hosted by CFHosting.com. The place for dependable ColdFusion Hosting. http://www.cfhosting.com