| Excerpt |
|---|
FarCry - Running in a "Sandbox" under Linux with Confixx 3.3.x |
This Discription is just for users, who have "root access" to their server and "Admin access" to ColdFusion !!!
Example for Enviroment:
Debian Linux 4.0 ETCH
Apache2-Webserver with Wrapper
"ColdFusion 8" installation under the linux path "/opt" with a running "Verity K2 Server"
Confixx 3.3.x Control Panel
FarCry 5.1.x installation under the webroot of a "Vitual Confixx Host"
"webX" represents the virtual host number in Confixx. You have to replace the "X" with the correct number !!!
- Login to your "ColdFusion Administrator Account"
- Navigate to "Security -> Sandbox Security"
- Then -> "Enable ColdFusion Security" and "Submit Changes"
- Add the path for your FarCry Installation in "Add Security Sandbox"
For example: /var/www/webX/html (webroot path of your virtual host) - Now edit the new "Sandbox" with the following parameters:
| No Format |
|---|
DATA SOURCES :: Disable ALL datasource that do not belong to your FC-Project !
|
| No Format |
|---|
CF TAGS :: Disable the following CF-Tags (if you don't use them in your custom code!) :
- CFDBInfo
- CFFTP
- CFRegistry
|
| No Format |
|---|
CF FUNCTIONS :: Disable the following CF-Functions (if you don't use them in your custom code!):
- CreateObject(.NET)
- CreateObject(COM)
- CreateObject(CORBA)
- CreateObject(WebService)
- GetTempFile
- SetProfileString
|
| No Format |
|---|
FILES/DIRS :: Configuration
HINT:
If u use "Verity-K2 Server", you have to create a "webX" directory under:
"/opt/jrun4/verity/collections/". You also have to define that verity path
in your FarCry Project !!! - Set the directory permission to "0755" and set
the directory owner to the user that ColdFusion runs on your server !
If you don't use the "Verity-K2 Server" you can ommit the two verity path
conifigurations lines !!!
FILE PATH PERMISSIONS
/opt/jrun4/servers/cfusion/SERVER-INF/temp/cfusion.war-tmp/- : Read,Write,Execute,Delete
/opt/jrun4/servers/cfusion/SERVER-INF/lib/- : Read,Execute
/opt/jrun4/servers/cfusion/cfusion-ear/cfusion-war/WEB-INF/cftags/- : Read,Execute
/opt/jrun4/servers/cfusion/cfusion-ear/cfusion-war/WEB-INF/cfusion/CustomTags/- : Read,Execute
/opt/jrun4/verity/- : Read,Execute
/opt/jrun4/verity/collections/webX/- : Read,Write,Execute,Delete
/var/www/webx/html/- : Read,Write,Execute,Delete
HINT:
If you deploy a new, additional ColdFusion server (f.e.: cfserver1), the directorie names
"cfusion-ear" and "cfusion-war" could have changed to "cfusion.ear" and "cfusion.war"
under linux. You should check this first !!!
|
Click onto the "Finish" button !
Now restart the ColdFusion server !
This document is distributed in the hope that it will be useful, but without any warranty; without even the implied warranty of merchantability or fitness for a particular purpose.