A frequent cause for complaints among ColdFusion developers is that shared hosting for ColdFusion is hard to find, expensive and/or limited in functionality. I am not really affected by that since I don’t develop applications that are intended to be deployed in a shared hosting environment. But I do get to see the other side of the medal: at Prisma IT we offer some shared hosting (it is not an area we focus on) and I am responsible for the architecture of the platform. So in this and some followup articles I will dive into some of the complications of securing a shared hosting platform running Adobe ColdFusion 8 on Windows.
Setting the stage
These articles will specifically be about ‘inside jobs’: securing ColdFusion shared hosting customers from each other, while they run on the same ColdFusion instance. This is not about securing servers from outside threats, the starting point is some customer who can FTP his CFML templates to the server and wants to look at the templates and the database records of another customer on the same system.
For this discussion I will largely ignore the complications of combining ColdFusion with other scripting languages. While it is most certainly an interesting subject, the issues involved are too diverse for some general blogs.
Topics
The topics aren’t set in stone yet, but for now I am writing on the following blogs:
- Filesystem access and Sandbox Security
- Memory access
- ColdFusion internals
- Java, COM and .NET
- Microsoft Access
Feel free to suggest more / other content in your comments.
Tjarko says:
Maybe add ColdFusion Admin control?? I’m still wondering how to incorporate that into a shared environment, and the why behind the API…
2008/12/02, 10:10Jochem says:
I’m not really sure I have anything useful to add about the ColdFusion Administrator in a shared hosting environment. I most certainly would not give access to it to any hosted customer.
2008/12/03, 09:22Sebastiaan says:
Is this in retrospect of your comments that Webstekker is not a secure CF environment?
If you feel it is not, I’d like to know (and why)!!!
2008/12/03, 12:50Ron says:
Sebastiaan, I most certainly know that the CF environments of webstekker are anything but secure. I can easily list which other CF applications are on the same server and can then find out what their directories on the server are and simply alter their site.
Imagine what this would do
<cffile action=”write” file=”e:\clientdir\wwwroot\Application.cfm” output=”<cflocation url=’some_bad_site’ />” />
And I can assure you it works. Email me if you want to know more.
2008/12/03, 14:52Jochem says:
Sebastiaan: my next posts will include some code samples that you can run against any environment you want.
Ron: I fixed your code comments.
2008/12/03, 17:01“it could be bunnies” » Blog Archive » CF shared hosting security: Java, CFEXECUTE, COM, .NET and Java again says:
[...] the first part we have set the stage for this series: the goal is to protect one shared hosting customer from an [...]
2008/12/09, 22:37Sebastiaan says:
Jochem, could you convey the e-mail address of Ron to me, as it isn’t showing up on your blog
Thanx!
2008/12/10, 12:11