User Guide
Table Of Contents
- Contents
- Introduction
- Administering ColdFusion MX 7
- Administering ColdFusion MX
- Using the ColdFusion MX Administrator
- Contents
- Initial administration tasks
- Accessing user assistance
- Server Settings section
- Data & Services section
- Debugging & Logging section
- Extensions section
- Event Gateways section
- Security section
- Packaging and Deployment section
- Enterprise Manager section
- Custom Extensions section
- Administrator API
- Data Source Management
- Contents
- About JDBC
- Adding data sources
- Connecting to DB2 Universal Database
- Connecting to Informix
- Connecting to Microsoft Access
- Connecting to Microsoft Access with Unicode
- Connecting to Microsoft SQL Server
- Connecting to MySQL
- Connecting to ODBC Socket
- Connecting to Oracle
- Connecting to other data sources
- Connecting to Sybase
- Connecting to JNDI data sources
- Web Server Management
- Deploying ColdFusion Applications
- Administering Security
- Using Multiple Server Instances
- Administering Verity
- Introducing Verity and Verity Tools
- Indexing Collections with Verity Spider
- Using Verity Utilities
- Contents
- Overview of Verity utilities
- Using the mkvdk utility
- Using the rck2 utility
- Using the rcvdk utility
- Using the didump utility
- Using the browse utility
- Using the merge utility
- Index
88 Chapter 6: Administering Security
For more information, see the Administrator online Help.
Note: When you run ColdFusion MX in the J2EE configuration on IBM WebSphere, the Files/Dirs
and Server/Ports tabs are not enabled.
About directories and permissions
When you enable access to files outside of the sandbox, you specify the filename. When you
enable access to directories outside of the sandbox, you specify directoryname\indicator, where
indicator is a dash or asterisk, as follows:
• A backslash followed by a dash (\-) lets tags and functions access all files in the specified
directory, and recursively allows access to all files in subdirectories.
• A backslash followed by an asterisk (\*) lets tags and functions access all files in the specified
directory and also lets tags and functions access a list of subdirectories. However, this option
denies access to files in any subdirectories.
You can also specify the actions that ColdFusion tags and functions can perform on files and
directories outside the sandbox. The following table shows the relationship between the
permissions of a file and a directory:
Adding a sandbox (Enterprise Edition only)
ColdFusion MX Enterprise Edition lets you define multiple security sandboxes.
To add a sandbox:
1.
Open the Security > Sandbox Security page in the ColdFusion MX Administrator.
The Sandbox Security Permissions page appears.
2.
In the Add Security Sandbox box, enter the name of the new sandbox. This name must be either
a ColdFusion mapping (defined in the Administrator) or an absolute path.
3.
Select New Sandbox from the drop-down list to create a sandbox based on the default sandbox,
or select an existing sandbox to copy its settings to your new sandbox.
4.
Click Add.
The new sandbox appears in the list of Defined Directory Permissions.
Permission Effect on files Effect on directories
Read View the file List all files in the directory
Write Write to the file Not applicable
Execute Execute the file Not applicable
Delete Delete the file Delete the directory