ColdFusion Securing Databases (part 2)

In ColdFusion Securing Databases (part 1) we looked at restricting what sql statements can be run with a datasource and partitioning applications to use multiple datasources and multiple users to improve security. In this article we'll look at setting the permissions on the database tables.


ColdFusion Securing Databases (part 1)

Most ColdFusion applications I'm come across tend to use a single datasource or if they use more than one the same user credentials are used. As well as causing possible performance and scalability issues this can be a security risk.

It's quite easy to restrict what SQL statements a datasource will run with the ColdFusion administrator.