Versions Compared

Old Version 5

changes.mady.by.user Knut Bewersdorff

Saved on

compared with

New Version 6

changes.mady.by.user Knut Bewersdorff

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

FarCry - Running in a "Sandbox" under Linux with Confixx 3.3.x

This Discription is just for users, who have "root access" to their server and "Admin access" to ColdFusion !!!

Example for Enviroment:
Debian Linux 4.0 ETCH
Apache2-Webserver with Wrapper
"ColdFusion 8" installation under the linux path "/opt" with a running "Verity K2 Server"
Confixx 3.3.x Control Panel
FarCry 5.1.x installation under the webroot of a "Vitual Confixx Host"

"webX" represents the virtual host number in Confixx. You have to replace the "X" with the correct number !!!

  1. Login to your "ColdFusion Administrator Account"
  2. Navigate to "Security -> Sandbox Security"
  3. Then -> "Enable ColdFusion Security" and "Submit Changes"
  4. Add the path for your FarCry Installation in "Add Security Sandbox"
    For example: /var/www/webX/html  (webroot path of your virtual host)
  5. Now edit the new "Sandbox" with the following parameters:
    No Format
    
DATA SOURCES :: Disable ALL datasource that do not belong to your FC-Project !
    No Format
    
CF TAGS :: Disable the following CF-Tags:
- CFDBInfo
- CFFTP
- CFRegistry
    No Format
    
CF FUNCTIONS :: Disable the following CF-Functions:
- CreateObject(.NET)
- CreateObject(COM)
- CreateObject(CORBA)
- CreateObject(WebService)
- GetTempFile
- SetProfileString
    No Format
    
FILES/DIRS :: Configuration

HINT:
If u use "Verity-K2 Server", you have to create a "webX" directory under: "/opt/jrun4/verity/collections/".
You also have to define that verity path in your FarCry Project !!!
Set the directory permission to "0755" and set the directory owner to the user that ColdFusion runs
on your server !
If you don't use the "Verity-K2 Server" you can ommit the two path conifigurations lines !!!| *Secured Files and Directories* \\ | |
| *{+}File Path{+}*\\ | *{+}Permissions{+}* \\ |
| /opt/jrun4/servers/cfusion/SERVER-INF/temp/cfusion.war-tmp/\-\\ | Read,Write,Execute,Delete\\ |
| /opt/jrun4/servers/cfusion/SERVER-INF/lib/\-\\ | Read,Execute \\ |
| /opt/jrun4/servers/cfusion/cfusion.ear/cfusion.war/WEB-INF/cftags/\-\\ | Read,Execute\\ |
| /opt/jrun4/verity/\-\\ | Read,Execute\\ |
| /opt/jrun4/verity/collections/webX/\-\\ | Read,Write,Execute,Delete\\ |
| /var/www/webx/html/\- \\ | Read,Write,Execute,Delete\\ |
  6. Click onto the "Finish" button !
  7. Now restart the ColdFusion server !

This document is distributed in the hope that it will be useful, but without any warranty; without even the implied warranty of merchantability or fitness for a particular purpose.