Read the rest of the thread leading up to it. If you still can't understand why I was referring to security, then I will submit out of shear frustration.
-Matt On Wednesday, September 3, 2003, at 03:19 PM, <[EMAIL PROTECTED]> wrote: > Matt are you my brother? > not only do you look like me but you have my temper as well, lol > > i read the mail as you put it > "Who needs cffile or cfdirectory when you can use use java.io.File?" > > nothing in that to me suggested > "disabling cffile and cfdirectory DOES NOT SECURE YOUR SERVER." > > although I could have missed a few threads as I seem to get many > threads > way after the fact if at all. > sometimes I get the answers before the ?'s, kinda odd > > > > > > > > > > >> Please read these emails in context of their thread. I am not >> suggesting that CFML developers use java.io.File instead of cffile or >> cfdirectory. I am suggesting that disabling cffile and cfdirectory >> DOES >> NOT SECURE YOUR SERVER. >> >> -Matt >> >> On Wednesday, September 3, 2003, at 02:39 PM, <[EMAIL PROTECTED]> >> wrote: >> >>> some of us dont know what that is matt. >>> a lot of us dont know java & maybe dont have time to learn it. >>> a lot of us need cffile. gawd knows i do:) >>> >>> >>> >>> >>> >>> >>> >>> >>> >>> >>> >>>> Who needs cffile or cfdirectory when you can use use java.io.File? >>>> >>>> -Matt >>>> >>>> On Wednesday, September 3, 2003, at 02:12 PM, Doug White wrote: >>>> >>>>> Most Shared providers disable CFFILE and CFDIRECTORY anyway >>>>> >>>>> ====================================== >>>>> Stop spam on your domain, use our gateway! >>>>> For hosting solutions http://www.clickdoug.com >>>>> Featuring Win2003 Enterprise, RedHat Linux, CFMX 6.1 and all >>>>> databases. ISP rated: >>>>> http://www.forta.com/cf/isp/isp.cfm?isp_id=772 >>>>> Suggested corporate Anti-virus policy: >>>>> http://www.dshield.org/antivirus.pdf >>>>> ====================================== >>>>> If you are not satisfied with my service, my job isn't done! >>>>> >>>>> ----- Original Message ----- >>>>> From: "Ryan Kime" <[EMAIL PROTECTED]> >>>>> To: "CF-Talk" <[EMAIL PROTECTED]> >>>>> Sent: Wednesday, September 03, 2003 11:29 AM >>>>> Subject: RE: DWMX 2004 - Whats new for us? >>>>> >>>>> >>>>> | >I used the word "free".....they use the word "included" >>>>> | >>>>> | Semantics, I know, but here is the page I am referring to: >>>>> | >>>>> | http://www.uniserve.com/bus/usa/web/rates_glance.php?c=nt >>>>> | >>>>> | >>>>> | >Why should they use Enterprise if it's not required (i.e. >>>>> clustering/load >>>>> | balancing etc.). >>>>> | >>>>> | Hmmmm...maybe to keep other people from using your database >>>>> connections and >>>>> | your custom tags. Plus keep the general population on the server >>>>> from using >>>>> | cfdirectory/cffile outside their account's root. That's enough to >>>>> make me >>>>> | look elsewhere. >>>>> | >>>>> | >>>>> | -----Original Message----- >>>>> | From: Bryan Stevenson [mailto:[EMAIL PROTECTED] | >>>>> Sent: Wednesday, September 03, 2003 11:07 AM >>>>> | To: CF-Talk >>>>> | Subject: Re: DWMX 2004 - Whats new for us? >>>>> | >>>>> | >>>>> | Well Ryan they are absolutely great and in 5 years I have never >>>>> had a CF >>>>> | related problem that wasn't fixed within 15 minutes of it being >>>>> found (and I >>>>> | can count how many issues on one hand). >>>>> | >>>>> | I used the word "free".....they use the word "included". >>>>> | >>>>> | Why would you "run away" if they are using Pro/Standard? Why >>>>> should >>>>> they >>>>> | use Enterprise if it's not required (i.e. clustering/load >>>>> balancing etc.). >>>>> | >>>>> | These guys are a national ISP and can easily absorb the cost of >>>>> the | software....that's how. >>>>> | >>>>> | Cheers >>>>> | >>>>> | Bryan Stevenson B.Comm. >>>>> | VP & Director of E-Commerce Development >>>>> | Electric Edge Systems Group Inc. >>>>> | t. 250.920.8830 >>>>> | e. [EMAIL PROTECTED] >>>>> | >>>>> | --------------------------------------------------------- >>>>> | Macromedia Associate Partner >>>>> | www.macromedia.com >>>>> | --------------------------------------------------------- >>>>> | Vancouver Island ColdFusion Users Group >>>>> | Founder & Director >>>>> | www.cfug-vancouverisland.com >>>>> | ----- Original Message ----- >>>>> | From: "Ryan Kime" <[EMAIL PROTECTED]> >>>>> | To: "CF-Talk" <[EMAIL PROTECTED]> >>>>> | Sent: Wednesday, September 03, 2003 8:13 AM >>>>> | Subject: RE: DWMX 2004 - Whats new for us? >>>>> | >>>>> | >>>>> | > "There's no such thing as a free lunch" >>>>> | > >>>>> | > I would be leery of *free* CF and SQL Server, both of those >>>>> cost >>>>> a >>>>> | > pretty penny and are not easy to cover without passing some of >>>>> the >>>>> | > cost on to customers. It also makes me wonder why they use the >>>>> term | > "FREE" and not "included" when describing their plans. | > >>>>> | > Which version of CF are they using? If it's Pro/Standard and >>>>> not >>>>> | >>>>> Enterprise, >>>>> | > don't walk, but run away as fast as you can. >>>>> | > >>>>> | > Ryan >>>>> | > >>>>> | > -----Original Message----- >>>>> | > From: Bryan Stevenson [mailto:[EMAIL PROTECTED] | >>>>> > >>>>> Sent: Wednesday, September 03, 2003 9:55 AM >>>>> | > To: CF-Talk >>>>> | > Subject: Re: DWMX 2004 - Whats new for us? >>>>> | > >>>>> | > >>>>> | > Hey All, >>>>> | > >>>>> | > Just thought I'd chime in here. >>>>> | > >>>>> | > I've seen a lot of folks mentioning BlueDragon and how it may >>>>> bring | > down hosting costs for CF. Well I'm not sure about the >>>>> US, but CF is >>>>> | > starting >>>>> | to >>>>> | > be offered for NO EXTRA CHARGE up here in Canada. >>>>> | > >>>>> | > www.uniserve.com for example (and there are others). >>>>> | > >>>>> | > NT Hosting with SQL Server 2000 and CFMX in a shared >>>>> environment >>>>> for >>>>> | > about $35 CDN/month and they rock!! I've used the company they >>>>> | >>>>>> recently >>>>> | acquired >>>>> | > (Axion Internet) for the past 5 years and the service only got >>>>> better >>>>> | after >>>>> | > the merger. Beleive it or not the SQL Server does not even add >>>>> any | monthly >>>>> | > cost...just a $25 CDN setup fee!! >>>>> | > >>>>> | > So while BD may help bring other ISPs down to earth.....that >>>>> move is >>>>> | already >>>>> | > happening here ;-) >>>>> | > >>>>> | > Cheers >>>>> | > >>>>> | > Bryan Stevenson B.Comm. >>>>> | > VP & Director of E-Commerce Development >>>>> | > Electric Edge Systems Group Inc. >>>>> | > t. 250.920.8830 >>>>> | > e. [EMAIL PROTECTED] >>>>> | > >>>>> | > --------------------------------------------------------- >>>>> | > Macromedia Associate Partner >>>>> | > www.macromedia.com >>>>> | > --------------------------------------------------------- >>>>> | > Vancouver Island ColdFusion Users Group >>>>> | > Founder & Director >>>>> | > www.cfug-vancouverisland.com >>>>> | > ----- Original Message ----- >>>>> | > From: "Jim Davis" <[EMAIL PROTECTED]> >>>>> | > To: "CF-Talk" <[EMAIL PROTECTED]> >>>>> | > Sent: Tuesday, September 02, 2003 6:54 PM >>>>> | > Subject: RE: DWMX 2004 - Whats new for us? >>>>> | > >>>>> | > >>>>> | > > For me, I wouldn't at the moment just because I'm very happy >>>>> where I >>>>> | > > am (CrystalTech). >>>>> | > > >>>>> | > > However BlueDragon has the definite potential to bring CF >>>>> hosting | > > prices down significantly (one of the complaints I >>>>> here about CF) so >>>>> | > > I would really like to see it offered by a few hosts. >>>>> | > > >>>>> | > > As Vince pointed out in a branch from this thread BlueDragon >>>>> also | > > makes excellent sense for somebody that wants to package >>>>> their CF | > > application for use on a server lacking CF (which >>>>> can >>>>> be in either >>>>> | > > J2EE or, soon, .NET). >>>>> | > > >>>>> | > > Although this market has traditionally been very small with >>>>> CF >>>>> Blue >>>>> | > > Dragon may expand it greatly. >>>>> | > > >>>>> | > > Jim Davis >>>>> | > > >>>>> | > > > -----Original Message----- >>>>> | > > > From: Mike Brunt [mailto:[EMAIL PROTECTED] >>>>> | > > > Sent: Tuesday, September 02, 2003 11:28 AM >>>>> | > > > To: CF-Talk >>>>> | > > > Subject: RE: DWMX 2004 - Whats new for us? >>>>> | > > > >>>>> | > > > There is another question in the whole Bluedragon debate. >>>>> How >>>>> | > > > many of >>>>> | > > us >>>>> | > > > would move our site(s) to a hosting company using BD >>>>> instead >>>>> of MM >>>>> | > > > ColdFusion? >>>>> | > > > >>>>> | > > > Kind Regards - Mike Brunt >>>>> | > > > Webapper Services LLC >>>>> | > > > Web Site http://www.webapper.com >>>>> | > > > Blog http://www.webapper.net >>>>> | > > > >>>>> | > > > Webapper <Web Application Specialists> >>>>> | > > > >>>>> | > > > -----Original Message----- >>>>> | > > > From: Jim Davis [mailto:[EMAIL PROTECTED] >>>>> | > > > Sent: Tuesday, September 02, 2003 7:56 AM >>>>> | > > > To: CF-Talk >>>>> | > > > Subject: RE: DWMX 2004 - Whats new for us? >>>>> | > > > >>>>> | > > > > -----Original Message----- >>>>> | > > > > From: Matt Liotta [mailto:[EMAIL PROTECTED] >>>>> | > > > > Sent: Tuesday, September 02, 2003 2:16 AM >>>>> | > > > > To: CF-Talk >>>>> | > > > > Subject: Re: DWMX 2004 - Whats new for us? >>>>> | > > > > >>>>> | > > > > > If your clients are small enough where the cost of CF >>>>> is >>>>> | >>>>>>> prohibitive >>>>> | > > > it >>>>> | > > > > > may be likely that the cost of managing an Intranet is >>>>> also | > > > prohibitive >>>>> | > > > > > (although they may be doing it anyway and have never >>>>> done a | > > > > > cost analysis). >>>>> | > > > > > >>>>> | > > > > I'll agree with that, but certainly the use of certain >>>>> software >>>>> | > > > > e.g. >>>>> | > > > CF >>>>> | > > > > could be what tips the scale. If that is the case, then a >>>>> | >>>>>>>>> cheaper implementation of CFML (BlueDragon) can certainly >>>>> help >>>>> | > > > > in that >>>>> | > > regard. >>>>> | > > > >>>>> | > > > It definitely has an effect, but in most cases (and >>>>> certainly not >>>>> | > > > in CF's case) the cost of software is very small compared >>>>> to >>>>> | >>>>>>>> maintenance and general infrastructure costs. >>>>> | > > > >>>>> | > > > Even managing a small, single Intranet server using free >>>>> software >>>>> | > > > can >>>>> | > > be >>>>> | > > > (often surprisingly) very costly once you do a full >>>>> resource >>>>> | >>>>>>>> map/prediction - especially when extended to the life of the | > >>>>>>> server. >>>>> | > > > >>>>> | > > > All that being said every little bit does help. ;^) If >>>>> software >>>>> | > > costs >>>>> | > > > are lower then you total project costs COULD definitely be >>>>> lower >>>>> | > > > (but often aren't due to other factors not commonly taken >>>>> into >>>>> | > > > account). >>>>> | > > > >>>>> | > > > > > Many hosting companies are hosting their Intranet at >>>>> "public" >>>>> | > > hosts >>>>> | > > > for >>>>> | > > > > > this reason. There are some hosts that do nothing but >>>>> | >>>>> >>>>>> >>>>>>>>> traditional Intranet applications along with email >>>>> (Exchange >>>>> | > > > > > hosting, for >>>>> | > > > example, >>>>> | > > > > > is pretty common due to the cost and complexity of >>>>> managing an >>>>> | > > > Exchange >>>>> | > > > > > server). >>>>> | > > > > > >>>>> | > > > > That may be, but there are serious issues with >>>>> outsourcing >>>>> | >>>>>>>>> internal >>>>> | > > IT >>>>> | > > > > resources externally that many of these companies may not >>>>> be >>>>> | > > > > aware >>>>> | > > of. >>>>> | > > > > One example of this is that their WAN connection becomes >>>>> a >>>>> | >>>>>>>>> single >>>>> | > > > point >>>>> | > > > > of failure. Then of course there are legality issues >>>>> related >>>>> to >>>>> | > > giving >>>>> | > > > > non-employees access to sensitive data that aren't under >>>>> | >>>>> >>>>>> >>>>>>>> specific consulting agreements, which is the case when your | > >>>>>>>> email is hosted >>>>> | > > by >>>>> | > > > a >>>>> | > > > > 3rd party. >>>>> | > > > >>>>> | > > > All true - this all depends, of course, on how much the >>>>> company | > > > wants >>>>> | > > to >>>>> | > > > spend as well. If you want to get away more cheaply you'll >>>>> be >>>>> | > > > sacrificing some things. A full "bullet-proof" system will >>>>> always >>>>> | > > cost >>>>> | > > > more. >>>>> | > > > >>>>> | > > > > > No, consider an Intranet with is planned to contain, >>>>> let's >>>>> | > > > > > say, >>>>> | > > six >>>>> | > > > > > distinct applications (not at all uncommon). My case >>>>> now is >>>>> | > > > > > that >>>>> | > > > each >>>>> | > > > > > of these applications only has to save two hours of | > >>>>>>>>> development >>>>> | > > time >>>>> | > > > > > due >>>>> | > > > > > to CF for it to be just as cost effective as a "free" | >>>>>> >>>>>>>>> solution. >>>>> | > > > > > >>>>> | > > > > Of course, the case with BlueDragon would only need to >>>>> save one >>>>> | > > > > hour per application. >>>>> | > > > >>>>> | > > > True. I'm not arguing against Blue Dragon but rather the >>>>> concept >>>>> | > > > that software costs (at this level) are major >>>>> considerations. >>>>> Too >>>>> | > > > many >>>>> | > > times >>>>> | > > > I've heard "we can't afford CF" only to watch a company >>>>> spends >>>>> | > > thousands >>>>> | > > > more pursuing an untried "free" solution. >>>>> | > > > >>>>> | > > > The problem here is almost always one of training and >>>>> | > > > applicability. >>>>> | > > A >>>>> | > > > company that has great Linux/PostGres/PHP people will, of >>>>> course, >>>>> | > > > use them. But a company looking for a solution often >>>>> gravitates to >>>>> | > > > free software due to cost concerns. >>>>> | > > > >>>>> | > > > Developers are then in the position of learning these tools >>>>> as >>>>> | > > > they develop - which ends up costing far, far more in the >>>>> long >>>>> run >>>>> | > > > than setting up, for example, a Windows environment that >>>>> they may >>>>> | > > > have some experience with. >>>>> | > > > >>>>> | > > > For a medium/large company this isn't a problem as the >>>>> extra >>>>> time >>>>> | > > > can >>>>> | > > be >>>>> | > > > split with R&D/Training and down the road you do gain. But >>>>> for | > > > the >>>>> | > > very >>>>> | > > > small company this often locks them into a money-pit; tying >>>>> them >>>>> | > > > into >>>>> | > > a >>>>> | > > > solution they don't know and resulting either in a failed >>>>> project >>>>> | > > > or >>>>> | > > one >>>>> | > > > that doesn't meet expectations. >>>>> | > > > >>>>> | > > > Many of them are roped in by contractors that claim they >>>>> can >>>>> "pick >>>>> | > > > up" something easily. My advice to small business is >>>>> always >>>>> stick >>>>> | > > > with >>>>> | > > what >>>>> | > > > you know and always pay extra for gurus. >>>>> | > > > >>>>> | > > > Jim Davis >>>>> | > > > >>>>> | > > > >>>>> | > > > >>>>> | > > > >>>>> | > > >>>>> | > >>>>> | > >>>>> | >>>>> | >>>>> >>>> >>> >> > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Archives: http://www.houseoffusion.com/lists.cfm?link=t:4 Subscription: http://www.houseoffusion.com/lists.cfm?link=s:4 Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4 Your ad could be here. Monies from ads go to support these lists and provide more resources for the community. http://www.fusionauthority.com/ads.cfm