Copy link to clipboard
Copied
Looking for your advice on the best way to create a secure CFIDE directory that will allow me to have full functionality to use cfdocument, cfpdf etc...
My understanding is that certain folders within that need to web accessible for cfchart,cfform,cfdocument to work, is that correct?
We have had security issues and my hosting company has denied users access to the cfide directory and now I am getting erros when I try and merge PDF docs ...I am sure there are others I havent found yet too.
An error occurred during MERGE operation in the cfpdf tag. | |
Error: Access is denied |
at java.io.WinNTFileSystem.createFileExclusively(Native Method)
at java.io.File.checkAndCreate(File.java:1704)
at java.io.File.createTempFile(File.java:1792)
at coldfusion.pdf.PDFDocHandler.writeDocument(PDFDocHandler.java:900)
at coldfusion.pdf.PDFDocHandler.writeDocument(PDFDocHandler.java:866)
at coldfusion.pdf.PDFDocHandler.writeDocument(PDFDocHandler.java:847)
at coldfusion.pdf.PDFDocOperation.merge(PDFDocOperation.java:524)
at coldfusion.tagext.lang.PDFTag.doEndTag(PDFTag.java:1534)
Etc...............
Anyway what is Adobe's official solution to this issue?
Either I leave the CFIDE unsecured and the cfdocument, cfpdf ...work
OR
I lock down the CFIDE directory and lose the functionality for creating PDFS and other things.
Any ideas?
Copy link to clipboard
Copied
There are several threads on securing the CFIDE. The best I have found involves to steps: 1) Keep up to date with the latest CF patches. 2) Break the current CFIDE virtual directory, replace it with one that points to an empty directory, then create a "scripts" one under that that points back to the original cfide/scripts directory. Most of the vulnerabilities revolve around other CFIDE modules not within the scripts branch and this will prevent probably 99% of them. Someday maybe Adobe will incorporate this into the standard distribution, but I'm not holding my breath.