ColdFusion Securing Databases (part 2)

Posted At : May 13, 2007 6:42 AM | Posted By : Justin Mclean
Related Categories: Security, ColdFusion, SQL Injection, Database

In ColdFusion Securing Databases (part 1) we looked at restricting what sql statements can be run with a datasource and partitioning applications to use multiple datasources and multiple users to improve security. In this article we'll look at setting the permissions on the database tables.

[More]

Comments Comments (0) | Send Send | 5384 Views | Bookmark and Share

ColdFusion Securing Databases (part 1)

Posted At : May 7, 2007 4:25 PM | Posted By : Justin Mclean
Related Categories: Security, ColdFusion, SQL Injection, Database

Most ColdFusion applications I'm come across tend to use a single datasource or if they use more than one the same user credentials are used. As well as causing possible performance and scalability issues this can be a security risk.

It's quite easy to restrict what SQL statements a datasource will run with the ColdFusion administrator.

[More]

Comments Comments (1) | Send Send | 5851 Views | Bookmark and Share