FarCry - Running in a "Sandbox" under Linux with Confixx 3.3.x

This Discription is just for users, who have "root access" to their server and "Admin access" to ColdFusion !!!

Example for Enviroment:
Debian Linux 4.0 ETCH
Apache2-Webserver with Wrapper
"ColdFusion 8" installation under the linux path "/opt" with a running "Verity K2 Server"
Confixx 3.3.x Control Panel
FarCry 5.1.x installation under the webroot of a "Vitual Confixx Host"

"webX" represents the virtual host number in Confixx. You have to replace the "X" with the correct number !!!

Login to your "ColdFusion Administrator Account"
Navigate to "Security -> Sandbox Security"
Then -> "Enable ColdFusion Security" and "Submit Changes"
Add the path for your FarCry Installation in "Add Security Sandbox"
For example: /var/www/webX/html (webroot path of your virtual host)
Now edit the new "Sandbox" with the following parameters:

DATA SOURCES :: Disable ALL datasource that do not belong to your FC-Project !

CF TAGS :: Disable the following CF-Tags (if you don't use them in your custom code!) :
- CFDBInfo
- CFFTP
- CFRegistry

CF FUNCTIONS :: Disable the following CF-Functions (if you don't use them in your custom code!):
- CreateObject(.NET)
- CreateObject(COM)
- CreateObject(CORBA)
- CreateObject(WebService)
- GetTempFile
- SetProfileString

FILES/DIRS :: Configuration

HINT:
If u use "Verity-K2 Server", you have to create a "webX" directory under:
"/opt/jrun4/verity/collections/". You also have to define that verity path
in your FarCry Project !!! - Set the directory permission to "0755" and set
the directory owner to the user that ColdFusion runs on your server !
If you don't use the "Verity-K2 Server" you can ommit the two verity path
conifigurations lines !!!

FILE PATH                                                                          PERMISSIONS
/opt/jrun4/servers/cfusion/SERVER-INF/temp/cfusion.war-tmp/-                     : Read,Write,Execute,Delete
/opt/jrun4/servers/cfusion/SERVER-INF/lib/-                                      : Read,Execute
/opt/jrun4/servers/cfusion/cfusion-ear/cfusion-war/WEB-INF/cftags/-              : Read,Execute
/opt/jrun4/servers/cfusion/cfusion-ear/cfusion-war/WEB-INF/cfusion/CustomTags/-  : Read,Execute
/opt/jrun4/verity/-                                                              : Read,Execute
/opt/jrun4/verity/collections/webX/-                                             : Read,Write,Execute,Delete
/var/www/webx/html/-                                                             : Read,Write,Execute,Delete

HINT:
If you deploy a new, additional ColdFusion server (f.e.: cfserver1), the directorie names
"cfusion-ear" and "cfusion-war" could have changed to "cfusion.ear" and "cfusion.war"
under linux. You should check this first !!!

Click onto the "Finish" button !

Now restart the ColdFusion server !

This document is distributed in the hope that it will be useful, but without any warranty; without even the implied warranty of merchantability or fitness for a particular purpose.