Hello again,
Well, the idea doesn't seem to have stimulated much
discussion. Still, I think there is something to
this.
Ben Elmore's ColdFusion MX Components: A New
Methodology for Building Applications (PDF 770K),
http://www.macromedia.com/devnet/mx/coldfusion/articles/cfcmethodology.pdf,
talks about CFC's impact on Team effectiveness:
...How quickly developers can consume, understand and
use (each others') code or module. Well, the CFC
browser is great. But how do you make developers
use it? I mean, team management is 50% yelling at
developers to comment and use other best practices
like no reinventing the wheel but instead tying into
existing wheels. What if, by virtue of something like
overlapping sandboxes, they had no choice?
--- Blum, Jason (SAA) [EMAIL PROTECTED]
wrote:
Hey Richard,
It's definitely not a looney idea. I have been
wondering the same
thing.
-J
Subject: Overlapping Security Sandboxes in MX?
From: Richard Heiser [EMAIL PROTECTED]
Date: Mon, 25 Aug 2003 05:26:51 -0700 (PDT)
Thread:
http://www.houseoffusion.com/cf_lists/index.cfm?method=messagesthreadid
=26634forumid=4#133924
Hello!
I teach a few ColdFusion classes and have to admin
the
CF Server in a lab I share with other instructors.
I
am thrilled with MX's security sandboxes but
profoundly disappointed by the folks at MM
apparently
missing what to me seems like the next obvious step:
overlapping security sandboxes: sandboxes that don't
necessarily override extensions that are called by
their local templates: Templates in Security Sandbox
A
are denied access to resource C. But templates in
sandbox A can invoke or call or include
templates in security sandbox B which are granted
access resource C.
So each student codes in a sandbox that has alone
access to some resource. And their assignment is to
first expose that resource to classmates as a CFC,
and
second to invoke everyone else's CFC's.
But think also about the implications for
coordinating
a team of developers: everyone works on his or her
own
black box and is essentially forced to build off
each others' code because they are not able to
access
certain core resources in their own code.
So far, none of this can be achieved except via web
services. All code called, invoked or included by a
template is subject to THAT template's local
security
sandbox settings. Sigh...
So what does everyone think? Would this be totally
amazing? Or is it just looney? Anyone have any
idea
how I might bounce this off someone up at MM?
Cheers!
-Richard
~|
Archives: http://www.houseoffusion.com/lists.cfm?link=t:4
Subscription: http://www.houseoffusion.com/lists.cfm?link=s:4
Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
Signup for the Fusion Authority news alert and keep up with the latest news in
ColdFusion and related topics.
http://www.fusionauthority.com/signup.cfm