Macromedia confirms the obvious: USE SANDBOX SECURITY!

Regarding the post “Having a field day with the CF Administrator password”, one of Macromedia's security engineers has just replied to me with the obvious: this is not a vulnerability, but rather a misconfiguration. So use sandbox security. See the message:

-----Original Message-----
From: Tom Donovan [mailto:XXXXXXXX@macromedia.com]
Sent: Wednesday, June 9, 2004 13:29
To: ‘XXXXX@hubner.org.br’
Subject: RE: [Security Issue] [I’m pretty sure you guys]

Hello Alex,

Thanks for submitting a ColdFusion security issue.

Yes – read or write access to files in {cf_root}/lib constitutes privileged use.

If your hosting provider is not using ColdFusion MX Enterprise sandbox security, and grants unrestricted access to customers – then yes – ColdFusion developers are fully trusted and can read/write all files, registry entries, execute COM objects, etc.

The ability to read and write password.properties amounts to control of the ColdFusion Administrator and RDS passwords. Of course, the ability to read or write the files in {cf_root}/lib also gives a similar ability to learn and change ColdFusion settings without using ColdFusion Administrator at all.

Running the ColdFusion service as an unprivileged user does not constitute adequate security for a hosted environment if the developers are not trusted. We are aware that some hosting providers try to make this technique substitute for ColdFusion security. Your example is just one of the many weaknesses of this approach.

If it is possible to bypass ColdFusion sandbox security to learn or alter the ColdFusion Administrator password, then this would constitute a security problem like the ServiceFactory problem in CFMX 6.0. We do not believe this is possible with CFMX 6.1 when sandbox security is correctly configured.

Regards,
Tom Donovan
Macromedia ColdFusion