ColdFusion Sandbox
ColdFusion's sandbox security applies directory-based restrictions to limit application access to ColdFusion resources: data sources, tags, functions, and so on. Use sandboxes to partition the shared-host environment into separate directory hierarchies that allow multiple applications to run securely on a single-server platform. Create a separate directory for each application. Then, apply rules that restrict access to the application's own files and data sources.
When sandbox security is enabled, ColdFusion automatically creates sandboxes for the CFIDE and WEB-INF directories. This ensures the security of internal system-level templates, including the ColdFusion Administrator. After installation, administrators of shared-hosted environments should immediately create a ROOT sandbox similar to the one shown in Figure 10.3. The following configuration will remove all resource privileges on the server:
- Data Sources. Disable access to all data sources.
- CF Tags. Disable access to all tags.
- CF Functions. Disable access to all functions.
- Files/Dirs. Remove all secured file and directory mappings.
- Servers/Ports. Restrict access to the loopback IP address.
Figure 10.3. Create sandboxes for the root directories on all drives/partitions.
Chapter 9, "Creating Server Sandboxes," explains how to implement ColdFusion sandbox security.
