4 Replies Latest reply on Jul 12, 2006 11:45 AM by GaryNY

    ColdFusion application and security problem

    GaryNY
      Hi !
      I have an application working with Oracle DB. I defined the datasource in Application.cfm file and use it everywhere as an application variable. Seems that this could create a security problem: if somebody will find out the datasource name, he could write a CF form to read/write these data in Oracle, right ? It does not matter that only authorized users have access to the database through the application.
      Anybody solved this before ? How to protect the datasource ?
      Thanks a lot in advance,
      Gary.