Douglas Knudsen wrote:
> and who is to audit and ensure the developer is doing this?

The security department. If they have such a large network to monitor I am sure they run regular Nessus scans and automatically quarantine problems anyway.

> Furthermore
> shouldn't this config be something the PC support folks should set up and
> maintain?

Not necessarily. For a local development setup you do not need Local Administrator, Power User is more than enough. (But if the PC support folks want to get involved you can do with User and a little bit of Security Templates voodoo.)

> In a large organisation with 10000+ PCs these are big and costly
> issues, eh? A security head might just make seemingly idiotic choices to
> save their respective butts, eh? Remember NIMDA?

The good old days you mean. Yea, I remember that: patches came out only every now and then, you had about three months to apply them before they were exploited.

It is just a matter of procedure. I put yesterday's Admin API patch from Adobe on the build server yesterday morning and everybody who gets a new build today is patched. Piece of cake.

Jochem

Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:249402