lucid outsourcing


Sandbox security mechanism is a process in which code is secured in a special area which gives limited access to coldfusion resources on coldfusion templates by defining set of rules. It is done via coldfusion administrator.

In the case of coldfusion server, developers have the right to set, write and read the code within the limits of a sandbox. On the same coldfusion server, one application holded by the two companies will not be able to read and modify the data of each other.

The biggest quality of the sandbox mechanism is that the sandbox applied on the parent directories for coldfusion template is also applied on their child subdirectories. Also it is remarkable that the sandbox applied on the subdirectories is by default overridden on the parent directories.

Sandbox is applied on the following elements of the coldfusion application -

Cf tags and elements
files and directories
servers and ports
data sources
coldfusion functions  

In coldfusion administrator there are two types of the coldfusion sandboxes authorities - coldfusion based and operating system based. Operating system based sandboxes are generally used for the security of windows based application resources. In coldfusion based sandboxes, by using security contexts privileges are assigned to the users to access data sources, tags, functions, user access and so on.   

There are many advantages of using sandbox mechanism -

adds flexibility to the application.
makes it more useful and independent for users.
unnecessary data access is prohibited.
more control over custom tags.
more independence from coldfusion administrator.

Hope you have liked this post ! Thanks for reading this post !

reference links -