RE: [ACFUG Discuss] CF Service Account
Ah, but that's my point about the Resource/Sandbox security. When I asked if people had considered it, I definitely meant enabling other than the default settings, because, no, out of the box, it's wide open. Still, I'm not denying the power and value of OS security to back it up. Just saying, especially in a shop where perhaps one is challenged to implement OS security, there's far more value in locking things down in the Resource/Sandbox security mechanism than many seem to consider. I just think it should always be brought up in addition to OS security when discussing locking down CF servers.

/charlie

-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of John Mason
Sent: Wednesday, August 01, 2007 4:58 PM
To: discussion@acfug.org
Subject: RE: [ACFUG Discuss] CF Service Account

The issue, as I remember, is how Jrun implements JAAS. Lib is actually open by default. Also bear in mind, I'm speaking of default settings here. Once again, the main point is don't rely on Adobe/Microsoft to keep your site secure. You have to take additional precautions to secure your site and server.

John
[EMAIL PROTECTED]

-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Dean H. Saxe
Sent: Wednesday, August 01, 2007 4:36 PM
To: discussion@acfug.org
Subject: Re: [ACFUG Discuss] CF Service Account

If you are using sandbox security, which under the hood probably uses JAAS, this shouldn't be possible. Besides... who allows someone to write to the lib dir anyway?

-dhs

Dean H. Saxe, CISSP, CEH
[EMAIL PROTECTED]
I have always strenuously supported the right of every man to his own opinion, however different that opinion might be to mine. He who denies another this right makes a slave of himself to his present opinion, because he precludes himself the right of changing it. -- Thomas Paine, 1783

On Aug 1, 2007, at 4:34 PM, John Mason wrote:

You're right and it's been posted a few years ago so it's not news really. This is one of the reasons I wish CF was more open source to begin with, but here you guys go. If you have cfobject (java) enabled, this script simply writes and compiles a java class in the lib directory. This then opens up the ability to do other things. This dates back to when CF made the jump into java. I believe this is more an issue with Jrun4 really than CF.

http://securitytracker.com/alerts/2004/Oct/1011475.html

John
[EMAIL PROTECTED]

-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Dean H. Saxe
Sent: Wednesday, August 01, 2007 3:32 PM
To: discussion@acfug.org
Subject: Re: [ACFUG Discuss] CF Service Account

Well the point is really you can't secure what you don't know about. CF can be a very secure platform if you know how to secure it and write secure code on top of it. Hiding details on security vulnerabilities does nothing to help the situation; the blackhats know the details and the rest of us are left to defend ourselves. Honestly, I'm too lazy (er, busy!) right now to go look up the specifics on this vulnerability that is mentioned here...

-dhs

Dean H. Saxe, CISSP, CEH
[EMAIL PROTECTED]
What is objectionable, what is dangerous about extremists is not that they are extreme, but that they are intolerant. -- Robert F. Kennedy, 1964

On Aug 1, 2007, at 3:28 PM, Kevin wrote:

Security by obscurity is not a good mechanism... let everyone see. Yes really... That's what MS does... Hide everything so you can't see the holes? This community may find out you're NOT as secure as you thought?

On 8/1/07, Dean H. Saxe [EMAIL PROTECTED] wrote:

Security by obscurity is not a good mechanism... let everyone see.

-dhs

Dean H. Saxe, CISSP, CEH
[EMAIL PROTECTED]
What is objectionable, what is dangerous about extremists is not that they are extreme, but that they are intolerant. -- Robert F. Kennedy, 1964

On Aug 1, 2007, at 3:24 PM, John Mason wrote:

Dean, I'll need to email you off list after the meeting. I naturally don't like sharing that stuff in the open for everyone to see. For everyone out there - needless to say, don't just depend on the CF level of security. Security should always include multiple layers. Otherwise it won't hold up very well.

John Mason
[EMAIL PROTECTED]
770.337.8363
www.FusionLink.com - ColdFusion and Flex hosting
Now offering ColdFusion 8 Enterprise hosting
FREE Subversion hosting

From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Dean H. Saxe
Sent: Wednesday, August 01, 2007 3:17 PM
To: discussion@acfug.org
Subject: Re: [ACFUG Discuss] CF Service Account

Sandbox security is fine when it is backed up by OS-level security. What hack do you refer to? That's a new one on me.

-dhs

Dean H. Saxe, CISSP, CEH
[EMAIL PROTECTED]
[U]nconstitutional behavior by the authorities is constrained only by the peoples
Re: [ACFUG Discuss] CF Service Account
CF should never be run as a high privileged account. Create a low privilege account and run CF under that account. Only allow CF permissions on the filesystem where they are absolutely required. Ensure CF does not have any administrative privileges if they are not used (like using cfregistry to edit the registry). For other server shares, ensure that the account you created has rights on those shares. This is commonly called implementing the principle of least privilege.

-dhs

Dean H. Saxe, CISSP, CEH
[EMAIL PROTECTED]
What is objectionable, what is dangerous about extremists is not that they are extreme, but that they are intolerant. -- Robert F. Kennedy, 1964

On Aug 1, 2007, at 12:21 PM, Rob Saxon wrote:

By default the CF service runs as a System account. What is the best practice to allow this service to access all areas of the web server and other server shares? Here are some ideas I considered:

Scenario 1: Creating a domain account for the service that belongs to the local Admin group for the host server.

Scenario 2: Creating a local account on the host and shared servers with the same name and make that account a member of the web server's admin group and give that local account access to the share on the remote server.

Is either of these possibilities recommended? If not, are there any suggestions?

Take care,
Rob
---
Rob Saxon
Director Web Management
Mercer University
478-301-5550

- Annual Sponsor - Figleaf Software
To unsubscribe from this list, manage your profile @ http://www.acfug.org?fa=login.edituserform
For more info, see http://www.acfug.org/mailinglists
Archive @ http://www.mail-archive.com/discussion%40acfug.org/
List hosted by FusionLink
-
RE: [ACFUG Discuss] CF Service Account
And don't forget that beyond that, the Resource/Sandbox security features in the CFMX Admin do allow you to create further limits on what CF is allowed to do (directories accessible, and more). In the Std edition, you get Resource Security to control what ALL CF templates in all apps on that CF server can do. In Enterprise, you get Sandbox Security, which lets you create either a global sandbox and/or ones per app. I wrote about this in the CFMX 6 timeframe (and it's not changed, really) at two DevCenter articles:

ColdFusion Security, Part One: Understanding Sandbox/Resource Security
http://www.adobe.com/devnet/security/articles/sandbox_01.html

Security, Part Two: Setting Up Sandbox/Resource Security
http://www.adobe.com/devnet/security/articles/sandbox_02.html

/charlie

From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Dean H. Saxe
Sent: Wednesday, August 01, 2007 12:25 PM
To: discussion@acfug.org
Subject: Re: [ACFUG Discuss] CF Service Account

CF should never be run as a high privileged account. Create a low privilege account and run CF under that account. Only allow CF permissions on the filesystem where they are absolutely required. Ensure CF does not have any administrative privileges if they are not used (like using cfregistry to edit the registry). For other server shares, ensure that the account you created has rights on those shares. This is commonly called implementing the principle of least privilege.

-dhs

Dean H. Saxe, CISSP, CEH
[EMAIL PROTECTED]
What is objectionable, what is dangerous about extremists is not that they are extreme, but that they are intolerant. -- Robert F. Kennedy, 1964

On Aug 1, 2007, at 12:21 PM, Rob Saxon wrote:

By default the CF service runs as a System account. What is the best practice to allow this service to access all areas of the web server and other server shares? Here are some ideas I considered:

Scenario 1: Creating a domain account for the service that belongs to the local Admin group for the host server.

Scenario 2: Creating a local account on the host and shared servers with the same name and make that account a member of the web server's admin group and give that local account access to the share on the remote server.

Is either of these possibilities recommended? If not, are there any suggestions?

Take care,
Rob
---
Rob Saxon
Director Web Management
Mercer University
478-301-5550
RE: [ACFUG Discuss] CF Service Account
Dean said it and I completely agree. Be very careful not to use the default local system account for this or an AD account. A web app really doesn't need high level permissions. If you can share why you would need to access shared drives, etc., maybe we can advise a better way. On the question itself, yes you can change this to an AD (active directory) account that has permissions to the local server and those shared drives. The second method would only happen if you didn't have AD on.

John Mason
[EMAIL PROTECTED]
770.337.8363
www.FusionLink.com - ColdFusion and Flex hosting
Now offering ColdFusion 8 Enterprise hosting
FREE Subversion hosting

From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Rob Saxon
Sent: Wednesday, August 01, 2007 12:22 PM
To: discussion@acfug.org
Subject: [ACFUG Discuss] CF Service Account

By default the CF service runs as a System account. What is the best practice to allow this service to access all areas of the web server and other server shares? Here are some ideas I considered:

Scenario 1: Creating a domain account for the service that belongs to the local Admin group for the host server.

Scenario 2: Creating a local account on the host and shared servers with the same name and make that account a member of the web server's admin group and give that local account access to the share on the remote server.

Is either of these possibilities recommended? If not, are there any suggestions?

Take care,
Rob
---
Rob Saxon
Director Web Management
Mercer University
478-301-5550
RE: [ACFUG Discuss] CF Service Account
Thank you John and Dean for your feedback. The CF script needs to write the contents of a web form to a folder on another server so that an application on that server can read in the form results.

-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of John Mason
Sent: Wednesday, August 01, 2007 1:50 PM
To: discussion@acfug.org
Subject: RE: [ACFUG Discuss] CF Service Account

Dean said it and I completely agree. Be very careful not to use the default local system account for this or an AD account. A web app really doesn't need high level permissions. If you can share why you would need to access shared drives, etc., maybe we can advise a better way. On the question itself, yes you can change this to an AD (active directory) account that has permissions to the local server and those shared drives. The second method would only happen if you didn't have AD on.

John Mason
[EMAIL PROTECTED]
770.337.8363
www.FusionLink.com - ColdFusion and Flex hosting
Now offering ColdFusion 8 Enterprise hosting
FREE Subversion hosting

From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Rob Saxon
Sent: Wednesday, August 01, 2007 12:22 PM
To: discussion@acfug.org
Subject: [ACFUG Discuss] CF Service Account

By default the CF service runs as a System account. What is the best practice to allow this service to access all areas of the web server and other server shares? Here are some ideas I considered:

Scenario 1: Creating a domain account for the service that belongs to the local Admin group for the host server.

Scenario 2: Creating a local account on the host and shared servers with the same name and make that account a member of the web server's admin group and give that local account access to the share on the remote server.

Is either of these possibilities recommended? If not, are there any suggestions?

Take care,
Rob
---
Rob Saxon
Director Web Management
Mercer University
478-301-5550
RE: [ACFUG Discuss] CF Service Account
Probably the easiest thing to do is flip this logic around. Have the CF side write the file somewhere on its server. Then have that directory location mapped to the server with the processing application. Have the processing application simply pull from the shared drive. Make sense?

John Mason
[EMAIL PROTECTED]
770.337.8363
www.FusionLink.com - ColdFusion and Flex hosting
Now offering ColdFusion 8 Enterprise hosting
FREE Subversion hosting

From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Rob Saxon
Sent: Wednesday, August 01, 2007 2:05 PM
To: discussion@acfug.org
Subject: RE: [ACFUG Discuss] CF Service Account

Thank you John and Dean for your feedback. The CF script needs to write the contents of a web form to a folder on another server so that an application on that server can read in the form results.

-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of John Mason
Sent: Wednesday, August 01, 2007 1:50 PM
To: discussion@acfug.org
Subject: RE: [ACFUG Discuss] CF Service Account

Dean said it and I completely agree. Be very careful not to use the default local system account for this or an AD account. A web app really doesn't need high level permissions. If you can share why you would need to access shared drives, etc., maybe we can advise a better way. On the question itself, yes you can change this to an AD (active directory) account that has permissions to the local server and those shared drives. The second method would only happen if you didn't have AD on.

John Mason
[EMAIL PROTECTED]
770.337.8363
www.FusionLink.com - ColdFusion and Flex hosting
Now offering ColdFusion 8 Enterprise hosting
FREE Subversion hosting

From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Rob Saxon
Sent: Wednesday, August 01, 2007 12:22 PM
To: discussion@acfug.org
Subject: [ACFUG Discuss] CF Service Account

By default the CF service runs as a System account. What is the best practice to allow this service to access all areas of the web server and other server shares? Here are some ideas I considered:

Scenario 1: Creating a domain account for the service that belongs to the local Admin group for the host server.

Scenario 2: Creating a local account on the host and shared servers with the same name and make that account a member of the web server's admin group and give that local account access to the share on the remote server.

Is either of these possibilities recommended? If not, are there any suggestions?

Take care,
Rob
---
Rob Saxon
Director Web Management
Mercer University
478-301-5550
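Dean's least-privilege advice (dedicated low-privilege service account, filesystem rights only where required) and John's suggestion to have CF write locally and let the other server pull from a share are both straightforward to script on the Windows CF host. The block below is an added example, not code from the thread, from Adobe or from FusionLink; it uses modern PowerShell (5.1 or later), not the tooling available in 2007. The service key name 'ColdFusion 8 Application Server', the folder D:\cf\outbox and the account CORP\svc-coldfusion are hypothetical values; confirm the real service name with Get-Service.

```powershell
# Added example (not from the ACFUG thread). Audits which account the CF service
# runs as, flags the high-privilege cases (LocalSystem, or any member of the local
# Administrators group), and grants a dedicated service account Modify rights on
# one local drop folder that the other server's application reads over a share.
# Hypothetical values: service 'ColdFusion 8 Application Server', D:\cf\outbox,
# CORP\svc-coldfusion. Requires an elevated PowerShell 5.1+ session on the CF host.

function Get-ServiceLogonReport {
    param([Parameter(Mandatory)][string]$ServiceName)

    $svc = Get-CimInstance Win32_Service -Filter "Name='$ServiceName'"
    if (-not $svc) { throw "Service '$ServiceName' not found" }

    # WMI reports local accounts as '.\name'; normalise so group lookups match.
    $account = $svc.StartName -replace '^\.\\', "$env:COMPUTERNAME\"
    $builtin = @('LocalSystem', 'NT AUTHORITY\SYSTEM',
                 'NT AUTHORITY\LocalService', 'NT AUTHORITY\NetworkService')
    $isBuiltin = $builtin -contains $account

    # A named account that sits in local Administrators is no better than LocalSystem.
    $isLocalAdmin = $false
    if (-not $isBuiltin) {
        try {
            $members = Get-LocalGroupMember -Group 'Administrators' -ErrorAction Stop
            $isLocalAdmin = [bool]($members | Where-Object { $_.Name -eq $account })
        } catch { Write-Warning "Could not enumerate local Administrators: $_" }
    }

    [pscustomobject]@{
        Service        = $svc.Name
        LogonAccount   = $account
        BuiltinAccount = $isBuiltin
        LocalAdmin     = $isLocalAdmin
        # LocalSystem is the "System account" the thread warns about.
        HighPrivilege  = ($account -eq 'LocalSystem') -or $isLocalAdmin
    }
}

function Set-ServiceLogonAccount {
    param([Parameter(Mandatory)][string]$ServiceName,
          [Parameter(Mandatory)][pscredential]$Credential)

    # sc.exe needs the space after 'obj=' and 'password='. This changes only the
    # logon account: the account must also hold the 'Log on as a service' right
    # (Local Security Policy or GPO) and the service must be restarted afterwards.
    $plain = $Credential.GetNetworkCredential().Password
    & sc.exe config $ServiceName obj= $Credential.UserName password= $plain | Out-Null
    if ($LASTEXITCODE -ne 0) { throw "sc.exe config failed with exit code $LASTEXITCODE" }
}

function Set-DropFolderAcl {
    param([Parameter(Mandatory)][string]$Path,
          [Parameter(Mandatory)][string]$Account)

    if (-not (Test-Path -LiteralPath $Path)) {
        New-Item -ItemType Directory -Path $Path | Out-Null
    }
    $acl = Get-Acl -LiteralPath $Path
    # Break inheritance and drop the inherited entries, then grant only: Modify
    # for the service account (it creates and deletes its own drop files) and
    # FullControl for Administrators and SYSTEM so the box stays manageable.
    # No entry for Everyone or Users.
    $acl.SetAccessRuleProtection($true, $false)
    foreach ($rule in @($acl.Access)) { [void]$acl.RemoveAccessRule($rule) }

    $inherit = [System.Security.AccessControl.InheritanceFlags]'ContainerInherit, ObjectInherit'
    $grants = @(
        @($Account,                 'Modify'),
        @('BUILTIN\Administrators', 'FullControl'),
        @('NT AUTHORITY\SYSTEM',    'FullControl')
    )
    foreach ($g in $grants) {
        $acl.AddAccessRule((New-Object System.Security.AccessControl.FileSystemAccessRule(
            $g[0], $g[1], $inherit, 'None', 'Allow')))
    }
    Set-Acl -LiteralPath $Path -AclObject $acl
    # Return the resulting explicit entries so they can be reviewed.
    (Get-Acl -LiteralPath $Path).Access | Select-Object IdentityReference, FileSystemRights
}

$report = Get-ServiceLogonReport -ServiceName 'ColdFusion 8 Application Server'
$report | Format-List
if ($report.HighPrivilege) {
    Write-Warning 'CF runs with high privilege; suggested remediation:'
    Write-Warning '  Set-ServiceLogonAccount -ServiceName ''ColdFusion 8 Application Server'' -Credential (Get-Credential ''CORP\svc-coldfusion'')'
    Write-Warning '  Set-DropFolderAcl -Path ''D:\cf\outbox'' -Account ''CORP\svc-coldfusion'''
}
```

The share for the processing server is then created on D:\cf\outbox with read-only share permissions for that server's own account, so the CF service account never needs rights on the remote machine at all. The same Set-DropFolderAcl pattern, with 'ReadAndExecute' in place of 'Modify', is the right shape for CF's own install and lib directories, which is what Dean's "who allows someone to write to the lib dir anyway?" is getting at.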
RE: [ACFUG Discuss] CF Service Account
No value in the resource/sandbox security? :-)

/charlie

From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Rob Saxon
Sent: Wednesday, August 01, 2007 2:05 PM
To: discussion@acfug.org
Subject: RE: [ACFUG Discuss] CF Service Account

Thank you John and Dean for your feedback. The CF script needs to write the contents of a web form to a folder on another server so that an application on that server can read in the form results.
Re: [ACFUG Discuss] CF Service Account
Security by obscurity is not a good mechanism... let everyone see.

-dhs

Dean H. Saxe, CISSP, CEH
[EMAIL PROTECTED]
What is objectionable, what is dangerous about extremists is not that they are extreme, but that they are intolerant. -- Robert F. Kennedy, 1964

On Aug 1, 2007, at 3:24 PM, John Mason wrote:

Dean, I'll need to email you off list after the meeting. I naturally don't like sharing that stuff in the open for everyone to see. For everyone out there - needless to say, don't just depend on the CF level of security. Security should always include multiple layers. Otherwise it won't hold up very well.

John Mason
[EMAIL PROTECTED]
770.337.8363
www.FusionLink.com - ColdFusion and Flex hosting
Now offering ColdFusion 8 Enterprise hosting
FREE Subversion hosting

From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Dean H. Saxe
Sent: Wednesday, August 01, 2007 3:17 PM
To: discussion@acfug.org
Subject: Re: [ACFUG Discuss] CF Service Account

Sandbox security is fine when it is backed up by OS-level security. What hack do you refer to? That's a new one on me.

-dhs

Dean H. Saxe, CISSP, CEH
[EMAIL PROTECTED]
[U]nconstitutional behavior by the authorities is constrained only by the peoples' willingness to contest them --John Perry Barlow

On Aug 1, 2007, at 3:12 PM, John Mason wrote:

There's some, but there's a known remote java class hack to get around it. I'm testing CF8 for this issue. Bluedragon doesn't have this issue by the way. For a lot of things sandboxing is certainly good if people would just use it ;) But if you have COM objects on and CF is running under the local service account, which a lot of people do for some reason, you can pretty much do anything you want to a server. Taking CF off local service account achieves a lot of known security issues out right and it's easy to implement. That's why I jump on that whenever possible.

John Mason
[EMAIL PROTECTED]
770.337.8363
www.FusionLink.com - ColdFusion and Flex hosting
Now offering ColdFusion 8 Enterprise hosting
FREE Subversion hosting

From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Charlie Arehart
Sent: Wednesday, August 01, 2007 2:59 PM
To: discussion@acfug.org
Subject: RE: [ACFUG Discuss] CF Service Account

No value in the resource/sandbox security? :-)

/charlie

From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Rob Saxon
Sent: Wednesday, August 01, 2007 2:05 PM
To: discussion@acfug.org
Subject: RE: [ACFUG Discuss] CF Service Account

Thank you John and Dean for your feedback. The CF script needs to write the contents of a web form to a folder on another server so that an application on that server can read in the form results.
Re: [ACFUG Discuss] CF Service Account
Sandbox security is fine when it is backed up by OS-level security. What hack do you refer to? That's a new one on me.

-dhs

Dean H. Saxe, CISSP, CEH
[EMAIL PROTECTED]
[U]nconstitutional behavior by the authorities is constrained only by the peoples' willingness to contest them --John Perry Barlow

On Aug 1, 2007, at 3:12 PM, John Mason wrote:

There's some, but there's a known remote java class hack to get around it. I'm testing CF8 for this issue. Bluedragon doesn't have this issue by the way. For a lot of things sandboxing is certainly good if people would just use it ;) But if you have COM objects on and CF is running under the local service account, which a lot of people do for some reason, you can pretty much do anything you want to a server. Taking CF off local service account achieves a lot of known security issues out right and it's easy to implement. That's why I jump on that whenever possible.

John Mason
[EMAIL PROTECTED]
770.337.8363
www.FusionLink.com - ColdFusion and Flex hosting
Now offering ColdFusion 8 Enterprise hosting
FREE Subversion hosting

From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Charlie Arehart
Sent: Wednesday, August 01, 2007 2:59 PM
To: discussion@acfug.org
Subject: RE: [ACFUG Discuss] CF Service Account

No value in the resource/sandbox security? :-)

/charlie

From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Rob Saxon
Sent: Wednesday, August 01, 2007 2:05 PM
To: discussion@acfug.org
Subject: RE: [ACFUG Discuss] CF Service Account

Thank you John and Dean for your feedback. The CF script needs to write the contents of a web form to a folder on another server so that an application on that server can read in the form results.
RE: [ACFUG Discuss] CF Service Account
Dean, I'll need to email you off list after the meeting. I naturally don't like sharing that stuff in the open for everyone to see. For everyone out there - needless to say, don't just depend on the CF level of security. Security should always include multiple layers. Otherwise it won't hold up very well.

John Mason
[EMAIL PROTECTED]
770.337.8363
www.FusionLink.com - ColdFusion and Flex hosting
Now offering ColdFusion 8 Enterprise hosting
FREE Subversion hosting

From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Dean H. Saxe
Sent: Wednesday, August 01, 2007 3:17 PM
To: discussion@acfug.org
Subject: Re: [ACFUG Discuss] CF Service Account

Sandbox security is fine when it is backed up by OS-level security. What hack do you refer to? That's a new one on me.

-dhs

Dean H. Saxe, CISSP, CEH
[EMAIL PROTECTED]
[U]nconstitutional behavior by the authorities is constrained only by the peoples' willingness to contest them --John Perry Barlow

On Aug 1, 2007, at 3:12 PM, John Mason wrote:

There's some, but there's a known remote java class hack to get around it. I'm testing CF8 for this issue. Bluedragon doesn't have this issue by the way. For a lot of things sandboxing is certainly good if people would just use it ;) But if you have COM objects on and CF is running under the local service account, which a lot of people do for some reason, you can pretty much do anything you want to a server. Taking CF off local service account achieves a lot of known security issues out right and it's easy to implement. That's why I jump on that whenever possible.

John Mason
[EMAIL PROTECTED]
770.337.8363
www.FusionLink.com - ColdFusion and Flex hosting
Now offering ColdFusion 8 Enterprise hosting
FREE Subversion hosting

From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Charlie Arehart
Sent: Wednesday, August 01, 2007 2:59 PM
To: discussion@acfug.org
Subject: RE: [ACFUG Discuss] CF Service Account

No value in the resource/sandbox security? :-)

/charlie

From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Rob Saxon
Sent: Wednesday, August 01, 2007 2:05 PM
To: discussion@acfug.org
Subject: RE: [ACFUG Discuss] CF Service Account

Thank you John and Dean for your feedback. The CF script needs to write the contents of a web form to a folder on another server so that an application on that server can read in the form results.
Re: [ACFUG Discuss] CF Service Account
> Security by obscurity is not a good mechanism... let everyone see.

Yes really... That's what MS does... Hide everything so you can't see the holes? This community may find out you're NOT as secure as you thought?

On 8/1/07, Dean H. Saxe [EMAIL PROTECTED] wrote:

Security by obscurity is not a good mechanism... let everyone see.

-dhs

Dean H. Saxe, CISSP, CEH
[EMAIL PROTECTED]
What is objectionable, what is dangerous about extremists is not that they are extreme, but that they are intolerant. -- Robert F. Kennedy, 1964

On Aug 1, 2007, at 3:24 PM, John Mason wrote:

Dean, I'll need to email you off list after the meeting. I naturally don't like sharing that stuff in the open for everyone to see.

For everyone out there - needless to say, don't just depend on the CF level of security. Security should always include multiple layers. Otherwise it won't hold up very well.

John Mason
[EMAIL PROTECTED]
770.337.8363
www.FusionLink.com - ColdFusion and Flex hosting
Now offering ColdFusion 8 Enterprise hosting
FREE Subversion hosting

From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Dean H. Saxe
Sent: Wednesday, August 01, 2007 3:17 PM
To: discussion@acfug.org
Subject: Re: [ACFUG Discuss] CF Service Account

Sandbox security is fine when it is backed up by OS-level security. What hack do you refer to? That's a new one on me.

-dhs

Dean H. Saxe, CISSP, CEH
[EMAIL PROTECTED]
[U]nconstitutional behavior by the authorities is constrained only by the peoples' willingness to contest them --John Perry Barlow

On Aug 1, 2007, at 3:12 PM, John Mason wrote:

There's some, but there's a known remote java class hack to get around it. I'm testing CF8 for this issue. Bluedragon doesn't have this issue by the way. For a lot of things sandboxing is certainly good if people would just use it ;) But if you have COM objects on and CF is running under the local service account, which a lot of people do for some reason, you can pretty much do anything you want to a server.

Taking CF off local service account achieves a lot of known security issues outright and it's easy to implement. That's why I jump on that whenever possible.

John Mason
[EMAIL PROTECTED]
770.337.8363
www.FusionLink.com - ColdFusion and Flex hosting
Now offering ColdFusion 8 Enterprise hosting
FREE Subversion hosting

From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Charlie Arehart
Sent: Wednesday, August 01, 2007 2:59 PM
To: discussion@acfug.org
Subject: RE: [ACFUG Discuss] CF Service Account

No value in the resource/sandbox security? :-)

/charlie

From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Rob Saxon
Sent: Wednesday, August 01, 2007 2:05 PM
To: discussion@acfug.org
Subject: RE: [ACFUG Discuss] CF Service Account

Thank you John and Dean for your feedback. The CF script needs to write the contents of a web form to a folder on another server so that an application on that server can read in the form results.

--
K

A government big enough to give you everything you want, is strong enough to take everything you have. -Thomas Jefferson

If you're a horse, and someone gets on you, and falls off, and then gets right back on you; I think you should buck him off right away. -Today's deep thoughts

The winner in any meeting is the one with the highest caffeine resistance and bladder capacity -Roger Wright

- Annual Sponsor - Figleaf Software - http://www.figleaf.com
To unsubscribe from this list, manage your profile @ http://www.acfug.org?fa=login.edituserform
For more info, see http://www.acfug.org/mailinglists
Archive @ http://www.mail-archive.com/discussion%40acfug.org/
List hosted by FusionLink -
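A defender's check for the two conditions John Mason describes above (CF running under the built-in local service/system account, and the lib directory being writable by that account), as an added example that is not from this thread or from Adobe; the ColdFusion service-name pattern and the lib path are assumptions to adjust for your install.

```powershell
# Added example (not from the ACFUG thread): audit the account a ColdFusion
# service runs under and whether that account is granted write access on the
# server's lib directory. Service-name pattern and lib path are assumptions.
param(
    [string]$ServicePattern = 'ColdFusion*',       # assumption: CF service names start with "ColdFusion"
    [string]$LibPath        = 'C:\ColdFusion8\lib'  # assumption: default CF8 lib location
)

# Built-in accounts that give the JVM broad rights on the host; the thread's
# warning is about CF running as one of these with COM objects enabled.
$highPrivilege = @('LocalSystem', 'NT AUTHORITY\SYSTEM',
                   'NT AUTHORITY\LocalService', 'NT AUTHORITY\NetworkService')

# Broad groups that, if granted write on lib, leave it "open by default".
$broadGroups = @('Everyone', 'BUILTIN\Users', 'NT AUTHORITY\Authenticated Users')

# Any rule carrying the Write bits (Write, Modify, FullControl all include them).
$writeMask = [System.Security.AccessControl.FileSystemRights]::Write

function Test-WriteGranted {
    param([string]$Path, [string[]]$Identities)
    # Returns the Allow rules on $Path that grant write-class rights to any of $Identities.
    $acl = Get-Acl -Path $Path
    $acl.Access | Where-Object {
        $_.AccessControlType -eq 'Allow' -and
        $Identities -contains $_.IdentityReference.Value -and
        (($_.FileSystemRights -band $writeMask) -ne 0)
    }
}

$services = Get-CimInstance -ClassName Win32_Service |
            Where-Object { $_.Name -like $ServicePattern }
if (-not $services) {
    Write-Warning "No service matching '$ServicePattern' found."
    return
}

foreach ($svc in $services) {
    $acct = $svc.StartName
    Write-Output ("Service '{0}' runs as '{1}'" -f $svc.Name, $acct)
    if ($highPrivilege -contains $acct) {
        Write-Warning "  $($svc.Name) runs under a built-in high-privilege account; use a dedicated low-privilege account."
    }
    # ACLs name the system account as NT AUTHORITY\SYSTEM, not LocalSystem.
    $aclName = if ($acct -eq 'LocalSystem') { 'NT AUTHORITY\SYSTEM' } else { $acct }
    if (Test-Path -Path $LibPath) {
        $hits = Test-WriteGranted -Path $LibPath -Identities (@($aclName) + $broadGroups)
        foreach ($rule in $hits) {
            Write-Warning ("  {0} grants {1} on {2}" -f $rule.IdentityReference, $rule.FileSystemRights, $LibPath)
        }
        if (-not $hits) { Write-Output "  No direct write grant on $LibPath for $aclName or broad groups." }
    } else {
        Write-Warning "  Lib path $LibPath not found; pass -LibPath with the CF lib directory."
    }
}
```

The ACL check matches only rules naming the service account or the listed broad groups directly; rights inherited through other group memberships are not resolved here and still need to be reviewed by hand.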
Re: [ACFUG Discuss] CF Service Account
If you are using sandbox security, which under the hood probably uses JAAS, this shouldn't be possible. Besides... who allows someone to write to the lib dir anyway?

-dhs

Dean H. Saxe, CISSP, CEH
[EMAIL PROTECTED]
I have always strenuously supported the right of every man to his own opinion, however different that opinion might be to mine. He who denies another this right makes a slave of himself to his present opinion, because he precludes himself the right of changing it. -- Thomas Paine, 1783

On Aug 1, 2007, at 4:34 PM, John Mason wrote:

You're right and it's been posted a few years ago so it's not news really. This is one of the reasons I wish CF was more open source to begin with, but here you guys go. If you have cfobject (java) enabled, this script simply writes and compiles a java class in the lib directory. This then opens up the ability to do other things. This dates back to when CF made the jump into java. I believe this is more an issue with Jrun4 really than CF.

http://securitytracker.com/alerts/2004/Oct/1011475.html

John
[EMAIL PROTECTED]

-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Dean H. Saxe
Sent: Wednesday, August 01, 2007 3:32 PM
To: discussion@acfug.org
Subject: Re: [ACFUG Discuss] CF Service Account

Well the point is really you can't secure what you don't know about. CF can be a very secure platform if you know how to secure it and write secure code on top of it. Hiding details on security vulnerabilities does nothing to help the situation; the blackhats know the details and the rest of us are left to defend ourselves. Honestly, I'm too lazy (er, busy!) right now to go look up the specifics on this vulnerability that is mentioned here...

-dhs

Dean H. Saxe, CISSP, CEH
[EMAIL PROTECTED]
What is objectionable, what is dangerous about extremists is not that they are extreme, but that they are intolerant. -- Robert F. Kennedy, 1964

On Aug 1, 2007, at 3:28 PM, Kevin wrote:

[earlier quoted messages snipped; see the thread above]
RE: [ACFUG Discuss] CF Service Account
The issue, as I remember, is how Jrun implements JAAS. Lib is actually open by default. Also bear in mind, I'm speaking of default settings here. Once again, the main point is don't rely on Adobe/Microsoft to keep your site secure. You have to take additional precautions to secure your site and server.

John
[EMAIL PROTECTED]

-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Dean H. Saxe
Sent: Wednesday, August 01, 2007 4:36 PM
To: discussion@acfug.org
Subject: Re: [ACFUG Discuss] CF Service Account

[earlier quoted messages snipped; see the thread above]
Re: [ACFUG Discuss] CF Service Account
Generic security resources include www.owasp.org and www.wasc.org. I'd look for a STIG on CF security, though I'm not sure one exists from the NSA. There have been many talks by folks like Dave Watts focused on security of the server itself at various conferences, too.

-dhs

Dean H. Saxe, CISSP, CEH
[EMAIL PROTECTED]
What is objectionable, what is dangerous about extremists is not that they are extreme, but that they are intolerant. -- Robert F. Kennedy, 1964

On Aug 1, 2007, at 5:00 PM, Rob Saxon wrote:

Is there a document or web site with CF security best practices?

-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of John Mason
Sent: Wednesday, August 01, 2007 4:58 PM
To: discussion@acfug.org
Subject: RE: [ACFUG Discuss] CF Service Account

[earlier quoted messages snipped; see the thread above]
RE: [ACFUG Discuss] CF Service Account
This is a good start.

http://www.adobe.com/devnet/coldfusion/articles/cf7_security.html
http://www.owasp.org/index.php/Top_10_2007

Dean will probably have others. The key with this stuff is that it's a continuous process. Don't run through that Adobe list and then think your server is 'secure'. There's new stuff being found all the time. That's kind of the reason I'm in the server hosting business. Most people don't have time to figure this stuff out. There are also database and coding security issues you need to look at. That Adobe article only hits the web server stuff, but it gets the ball rolling.

John Mason
[EMAIL PROTECTED]
770.337.8363
www.FusionLink.com - ColdFusion and Flex hosting
Now offering ColdFusion 8 Enterprise hosting
FREE Subversion hosting

-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Rob Saxon
Sent: Wednesday, August 01, 2007 5:01 PM
To: discussion@acfug.org
Subject: RE: [ACFUG Discuss] CF Service Account

Is there a document or web site with CF security best practices?

-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of John Mason
Sent: Wednesday, August 01, 2007 4:58 PM
To: discussion@acfug.org
Subject: RE: [ACFUG Discuss] CF Service Account

[earlier quoted messages snipped; see the thread above]