I was right, you missed the point or are intentionally ignoring
it. Whatevers.
Why do you repeat that I miss the point without mentioning
the point I miss.
Oh, and if they are disallowing cfobject/createobject do you
really believe they
allow cfexecute? Or any other thing to do with objects?
Yes, it is possible. There is only one way to find out.
Contact the host.
You speak as if there is one security button which, when
pressed, disables all of Coldfusion's object functionality. The
host has some choices to make. It usually comes down to a decision
on a tag by tag and function by function basis, depending on
experience and whim.
I would agree with you that it is unlikely for cfexecute to
be enabled while cfobject and createobject are disabled. My point
is that cfexecute is just one more object functionality hosts, and
you, have to think about. Now, there is a reversal in the argument.
We should not forget that when the host disables a tag or function,
it is usually to protect us. I wouldn't use a shared host who
allows cfexecute on a shared Windows server.
Look around. You will find the other functionalities I
mentioned enabled on hosts where cfobject and createobject are
disabled. A finesse in the recent version of MX7 enables the host
to selectively disable createobject for Java, Com and Corba
objects, but to allow it for components and webservices.