Versions Compared

Old Version 6

changes.mady.by.user Knut Bewersdorff

Saved on

compared with

New Version Current

changes.mady.by.user Knut Bewersdorff

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Migrated to Confluence 5.3

Excerpt

FarCry - Running in a "Sandbox" under Linux with Confixx 3.3.x

This Discription is just for users, who have "root access" to their server and "Admin access" to ColdFusion !!!

...

  1. Login to your "ColdFusion Administrator Account"
  2. Navigate to "Security -> Sandbox Security"
  3. Then -> "Enable ColdFusion Security" and "Submit Changes"
  4. Add the path for your FarCry Installation in "Add Security Sandbox"
    For example: /var/www/webX/html  (webroot path of your virtual host)
  5. Now edit the new "Sandbox" with the following parameters:
No Format

DATA SOURCES :: Disable ALL datasource that do not belong to your FC-Project !
No Format

CF TAGS :: Disable the following CF-Tags (if you don't use them in your custom code!) :
- CFDBInfo
- CFFTP
- CFRegistry
No Format

CF FUNCTIONS :: Disable the following CF-Functions (if you don't use them in your custom code!):
- CreateObject(.NET)
- CreateObject(COM)
- CreateObject(CORBA)
- CreateObject(WebService)
- GetTempFile
- SetProfileString
No Format

FILES/DIRS :: Configuration

HINT:
If u use "Verity-K2 Server", you have to create a "webX" directory under:
"/opt/jrun4/verity/collections/". You also have to define that verity path
in your FarCry Project !!! - Set the directory permission to "0755" and set
the directory owner to the user that ColdFusion runs on your server !
If you don't use the "Verity-K2 Server" you can ommit the two verity path
conifigurations lines !!!

...



FILE PATH                                                                          PERMISSIONS
/opt/jrun4/servers/cfusion/SERVER-INF/temp/cfusion.war-tmp/

...

-                     : Read,Write,Execute,Delete

...

...

/opt/jrun4/servers/cfusion/SERVER-INF/lib/

...

-                                      : Read,Execute
/opt/jrun4/servers/cfusion/cfusion-ear/cfusion-war/WEB-INF/cftags/-              : Read,Execute
/opt/jrun4/servers/cfusion/cfusion

...

-ear/cfusion

...

-war/WEB-INF/cfusion/

...

CustomTags/

...

-

...

...

: Read,Execute

...

...

/opt/jrun4/verity/

...

-                                                              : Read,Execute

...

...

/opt/jrun4/verity/collections/webX/

...

-                                             : Read,Write,Execute,Delete

...

...

/var/www/webx/html/

...

-                                                             : Read,Write,Execute,Delete

...



HINT:
If you deploy a new, additional ColdFusion server (f.e.: cfserver1), the directorie names
"cfusion-ear" and "cfusion-war" could have changed to "cfusion.ear" and "cfusion.war"
under linux. You should check this first !!!

Click onto the "Finish" button !

Now restart the ColdFusion server !

This document is distributed in the hope that it will be useful, but without any warranty; without even the implied warranty of merchantability or fitness for a particular purpose.