ColdFusion 11 version: 11,0,19,314546
Operating System: Windows Server 2012 R2
Java Version: 1.8.0_231
I'm having a problem with <cfexecute> once I enabled Sandbox Security on my CF11 Enterprise installation. I have one ApacheCXF webservice client that is executed from withint the application. I've done the following within this sandbox:
The error I'm getting is:
An exception occurred when invoking an external process.
The cause of this exception was that: java.security.AccessControlException: access denied ("java.io.FilePermission" "<>" "execute").
I don't really work with any of the Java in CF, directly, but I wonder if the CF account that CF is running under has permission to access the CFEXECUTE tag, or anything else related. It _sounds_ like a permissions issue, to me.
^ _ ^
EDIT: I mean after the sandbox is enabled, of course.
I've even tried giving full control to both the user account and the service account, but still didn't work.
Going to try a file path of <<ALL FILES>> with execute permission on the directory next and see what happens. Unfortunately, it looks like I have to bounce the server for changes to take effect so will need to wait until after hours.
This is going to be an unsatisfying answer, but there are a bunch of other settings you have to enable within the CF Administrator for sandboxes to do this sort of thing. I don't know what they are, but they're probably documented on the forums here. Look for answers by Russ Michaels, who knew all about sandboxes. Alternatively, review the lockdown guide which might cover this more directly. I just don't use sandboxes, so I can't tell you what the settings actually are, sorry.
Dave Watts, Eidolon LLC
I'll look for threads from Russ Michaels, thanks. Been through the lockdown guide in depth already.
Try adding this to the sandbox with RWD permissions.
Back in my CF11 days I remember having to explicitly add that to get certain things to work in the sandbox.
Thanks for the suggestion! Unfortuntely, this didn't make a difference 😞