Looking at the left navigational bar, the next header we encounter is the Security header. Beneath this header, you find several clickable menu items that control how security is managed on the ColdFusion Server. We examine this section now.
CF Admin Password
First, let's look at the CF Admin Password page. Figure 25.21 gives you a look at the Security Permissions page inside the Administrator.
Figure 25.21. CF Admin Password page within the ColdFusion Administrator.
This page, of course, is a no-brainer: always use a ColdFusion Administrator password. You are also given the option to change the current Administrator password to a new one if you so desire.
Next, let's look at the RDS Password page. Figure 25.22 gives you a look at the page inside the Administrator.
Figure 25.22. RDS Password page within the ColdFusion Administrator.
Just as with the CF Admin Password page, if you're using Remote Development Server (RDS) on the server, it is always advisable to use a password. Once again, you are presented with the option of changing the existing RDS password if you so desire.
Next, let's look at the Sandbox Security page. Figure 25.23 gives you a look at the page inside the Administrator.
Figure 25.23. Sandbox security page within the ColdFusion Administrator.
Life wouldn't be complete without this section in the ColdFusion Administrator. Basically, you want to use security sandboxes any time that you want to control access to some ColdFusion resource. Using sandboxing, you can give specific applications access to certain ColdFusion functionality (CFFILE, CFDIRECTORY, and so on) while keeping the operations that these applications can complete contained within their own area.
This is necessary if you are running a shared server, as you obviously don't want the developer of Application A to go over and delete files (through CFFILE) in the directory of Application B.
Of course, you might wonder how you set up a security sandbox. We knew you'd ask, so, just for you, we're going to step through setting up a security sandbox. Thankfully, the entire process is much less painful with ColdFusion MX than it has been rumored to be in the past.
Step 1: Add a New Sandbox
You begin by adding a sandbox. This process is pretty simple; you just name your new sandbox and click the Add button. In this example, we've added the new Tidy Cat Sandbox. After you've added the sandbox, it shows up in the list of available sandboxes, as shown in Figure 25.24.
Figure 25.24. Tidy Cat Sandbox added to the list.
So, adding a sandbox is easy enough, right? Just a few simple keystrokes and a click of the mouse. But now, the fun part comes in.
Step 2: Configuring Your New Sandbox
To configure our new sandbox, the first thing that we need to do is click the Edit button next to our sandbox name in the Defined Directory Permissions list. The Edit button is the little button that looks like a piece of paper with a pencil on the corner.
After you've clicked this button, you are presented with a tabbed configuration window, like the one shown in Figure 25.25.
Figure 25.25. Tabbed configuration window for security sandboxing.
As you can see, this tabbed interface includes tabs for Data Sources, CF Tags, CF Functions, Files and Directories, and Server/Port settings. The important thing to note, and this is very important, is that when a sandbox is created, everything is available to it by default. To properly configure the sandbox, you must select the items on each tab that you want to disable or make unavailable to users of this sandbox.
Of course, the one exception to this rule (and you knew there was going to be an exception) is the Files/Dirs tab. On this tab, you explicitly state the files and directories that you would like to enable for users of this sandbox. By default, the sandbox has access to no files or directories on the server. You have to explicitly list the locations on your server to which you want this sandbox to have access.
In addition, as you make your selections on each tab in this tabbed interface, click the Finish button at the bottom of the tab on which you're working prior to moving on to the next tab. Otherwise, your changes are lost and you have to start again.
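The two defaults described above (tags start out enabled, files and directories start out with no access) can be checked across all sandboxes on a shared server. The following is an added example, not code from the book or from ColdFusion: the record layout, the watch list of tags beyond CFFILE and CFDIRECTORY, and the sample sandboxes other than Tidy Cat Sandbox are assumptions made for illustration.

```python
from pathlib import PurePosixPath

# Assumption: tags a shared-server administrator wants disabled unless needed.
# CFFILE and CFDIRECTORY come from the text; the other two are added here.
WATCHED_TAGS = {"CFFILE", "CFDIRECTORY", "CFEXECUTE", "CFREGISTRY"}

def inside(path, root):
    """True if path equals root or lies beneath it (by component, not string prefix)."""
    p, r = PurePosixPath(path), PurePosixPath(root)
    return p == r or r in p.parents

def review_sandboxes(sandboxes):
    """Return a list of findings for a dict of hypothetical sandbox records."""
    findings = []
    for name, sb in sandboxes.items():
        # Tags are enabled by default, so anything not disabled is still usable.
        enabled = WATCHED_TAGS - {t.upper() for t in sb["disabled_tags"]}
        for tag in sorted(enabled):
            findings.append(f"{name}: {tag} still enabled")
        # Files/Dirs starts empty, so an empty list means no file access at all.
        if not sb["allowed_paths"]:
            findings.append(f"{name}: no file or directory access granted")
    # A grant in one sandbox that sits inside another sandbox's grant lets
    # Application A touch Application B's files, which is what sandboxing prevents.
    names = sorted(sandboxes)
    for i, a in enumerate(names):
        for b in names[i + 1:]:
            for pa in sandboxes[a]["allowed_paths"]:
                for pb in sandboxes[b]["allowed_paths"]:
                    if inside(pa, pb) or inside(pb, pa):
                        findings.append(f"{a}/{b}: overlapping grant {pa} vs {pb}")
    return findings

# Constructed sample data: all paths and the last two sandboxes are invented.
SAMPLE = {
    "Tidy Cat Sandbox": {"disabled_tags": ["cfexecute", "cfregistry"],
                         "allowed_paths": ["/webroot/tidycat"]},
    "App B Sandbox": {"disabled_tags": [],
                      "allowed_paths": ["/webroot/tidycat/uploads", "/webroot/appb"]},
    "New Sandbox": {"disabled_tags": ["CFFILE", "CFDIRECTORY", "CFEXECUTE", "CFREGISTRY"],
                    "allowed_paths": []},
}

if __name__ == "__main__":
    for line in review_sandboxes(SAMPLE):
        print(line)
```

The path comparison is lexical only; it does not resolve `..` segments or symbolic links, so normalize paths before feeding them in.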