Skip to main content
M
mbender1971
Participant
June 21, 2012
Question

How to restrict RDS file system access?

  • June 21, 2012
  • 1 reply
  • 1249 views

Can RDS be configured so that the ColdFusion server restricts file system

access to certain directories? Right now with RDS configured, anyone with

access can actually browse all the drives on the server and that is not good.

I would like to restrict all RDS users to just the web root directory. Thanks

in advance!

    This topic has been closed for replies.

    1 reply

    Charlie Arehart
    Community Expert
    Charlie ArehartCommunity Expert
    Community Expert
    June 21, 2012

    Are you on CF 10, or earlier? There is a change in 10 that no longer requires creation of sandboxes to restrict dirs in RDS (see http://blogs.coldfusion.com/post.cfm/new-way-to-add-sandbox-permissions-for-users-with-rds-access).

    Prior to that, it does require sandboxes, and then you’d use the multiple user feature of the CF Admin to define different users (for the admin and/or RDS) and allocate them to a sandbox. Things do vary also depending on whether you’re using CF Standard or Enterprise/Trial/Developer edition.

    For more (besides the docs, such as the Config and Admin manual), see these articles I’ve done in the Adobe Dev Center:

    Enabling multiple user access to the ColdFusion Administrator and RDS

    http://www.carehart.org/articles/#2009_1

    The following are much older (2002) but most still applies:

    ColdFusion Security, Part One: Understanding Sandbox/Resource Security

    http://www.carehart.org/articles/#2002_11

    ColdFusion Security, Part Two: Sandbox/Resource Basics

    http://www.carehart.org/articles/#2002_10

    /charlie arehart

    charlie@carehart.org

    Providing fast, remote, on-demand troubleshooting services for CF (and CFBuilder)

    More at http://www.carehart.org/consulting

    See also http://www.cf911.com for more on CF troubleshooting resources

    /Charlie (troubleshooter, carehart. org)
    M
    mbender1971Author
    Participant
    June 21, 2012

    Thank you so much for replying so fast! I am using ColdFusion 10 and I indeed created a user

    under User Manager and even specified just one directory for access under the Sandbox secured

    files and directories. The problem is that I don't see it doing anything. I restarted my ColdFusion

    Builder 2 and I'm still able to see the C:\ drive and access all the system areas of the server. I

    hope I'm missing something here....

    Charlie Arehart
    Community Expert
    Charlie ArehartCommunity Expert
    Community Expert
    June 22, 2012

    So to be clear, you are saying you see the C drive when viewing things in the RDS FileView view (window>show view)?

    And are you configuring the server properties (from the server, as listed in the Servers view, right-clicking and choosing “edit server”) to specify the indicated username and password as the server’s Other Settings>RDS Username?

    /charlie

    /Charlie (troubleshooter, carehart. org)
    Terms & ConditionsAccessibility statement
    Using the community Terms of use Privacy Cookie preferences Do not sell or share my personal information ad choicesAdChoices