I offered a solution doing just that in an article in the Feb 2002 CFDJ called "Unlocking Restricted Use of CFFILE, CFCONTENT, and More", available at http://www.sys-con.com/coldfusion/article.cfm?id=404. It addresses how to solve this problem in CF 5.
Before anyone sees that title and think I'm suggesting how to circumvent security, please read the article. I'm showing how (as is suggested in the notes below) one could implement a way to get around simple CFFILE security in a controlled way in conjunction with the CF Admin. It's just a very underrated CF5 feature (the "unsecured tags directory") that I point out. And for the later notes pointing up Sandbox Security and the potential to solve this problem that way, I'll add as well that I wrote a couple of articles on the subject late last year, at: ColdFusion Security, Part One: Understanding Sandbox/Resource Security http://www.macromedia.com/desdev/security/articles/sandbox_01.html ColdFusion Security, Part Two: Sandbox/Resource Basics http://www.macromedia.com/desdev/security/articles/sandbox_02.html /charlie > -----Original Message----- > From: Thomas Chiverton [mailto:[EMAIL PROTECTED] > Sent: Thursday, September 04, 2003 11:20 AM > To: CF-Talk > Subject: Re: DWMX 2004 - Whats new for us? > > > On Thursday 04 Sep 2003 15:32 pm, Matt Liotta wrote: > > > Right. > > > But if your hosting provider has wiped out cffile ... ? > > > > Then I am sure they won't let you install a CFX that does the same > > thing. > > I don't think they'd have any choice. > Of course, what they should do, is provide a cf_file which is > a wrapper round > cffile, but appends your hosted directory path to all the > path/filename > arguments or something. > > -- > Tom C > "Land of the free, home of the brave... you have to be brave > to live there and > enjoy the freedoms" > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Archives: http://www.houseoffusion.com/lists.cfm?link=t:4 Subscription: http://www.houseoffusion.com/lists.cfm?link=s:4 Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4 Get the mailserver that powers this list at http://www.coolfusion.com