I think that some people on the list are blowing this issue out of proportion as a "bug" when it's really just expected behavior (and always has been) for ColdFusion. However, I don't think it would be a bad idea for Macromedia to examine this and other security issues for adjustment in future versions of ColdFusion.
I'm not entirely familiar with the underlying memory management in CF, but it seems to me that if sandboxing protects disk access, it should probably protect memory space as well (if it can). So far I have the impression that most of the security features in CF for shared hosting are reactionary in nature and not proactive. At the end of the day though, if you are dealing with data so sensitive that you have to be absolutely sure no-one else can access it, you simply need to have your own dedicated server. Doing any less (in any language) is really short-changing your clients and/or customers on the level of security that they are very likely to expect you are providing for them. -Cameron -- Cameron Childress Sumo Consulting Inc http://www.sumoc.com --- cell: 678.637.5072 aim: cameroncf email: [EMAIL PROTECTED] ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Find out how CFTicket can increase your company's customer support efficiency by 100% http://www.houseoffusion.com/banners/view.cfm?bannerid=49 Message: http://www.houseoffusion.com/lists.cfm/link=i:4:204141 Archives: http://www.houseoffusion.com/cf_lists/threads.cfm/4 Subscription: http://www.houseoffusion.com/lists.cfm/link=s:4 Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4 Donations & Support: http://www.houseoffusion.com/tiny.cfm/54
