Thanks Dave. Is there any default setting in CF Administrator we should be
aware of which may compromise security?
Bob Smith
[EMAIL PROTECTED] (Dave Watts) wrote:
> Is anyone aware of the minimum permissions to be granted to
> the directories housing cfm files(ie read,script,execute etc.)
> at both NT and IIS Levels.
You'll have to allow read-execute (RX) rights to the accounts used by the CF
Server and the web server (or web user, if you're using IIS and its
authentication; that user is typically IUSR_MACHINENAME). If you're running
NT 4 SP 4 or higher (or maybe SP 5, I forget) or Win2K, you can specify more
granular permissions; you might be able to allow the web user only read
rights, without execute.
In IIS, you'll need to allow script permissions, if you set the CF DLL to be
a script engine in the ISAPI configuration screen (I don't think it's a
script engine by default). If not, you'll need to allow execute permissions.
Dave Watts, CTO, Fig Leaf Software
http://www.figleaf.com/
voice: (202) 797-5496
fax: (202) 797-5444
Get free email and a permanent address at http://www.amexmail.com/?A=1
--
Archives: http://www.eGroups.com/list/cf-talk
To Unsubscribe visit
http://www.houseoffusion.com/index.cfm?sidebarRsts&bodyRsts/cf_talk or send a message
to [EMAIL PROTECTED] with 'unsubscribe' in the body.