Use the Security Sandboxes page to add, edit or delete a security sandbox.
Notes
If you enable both user security and sandbox security, sandbox security takes precedence.
To use sandboxes, the Use Security Sandboxes setting has to be enabled on the Advanced Security page. For details, see Configure Advanced Security.
Before you can register sandboxes, you have to register a security context, assign user directories, create rules, and bind them to policies.
To add a new security sandbox:
In the ColdFusion Administrator
navigation frame, click Security>Security
Configuration to see the Advanced Security page, then click Security Sandboxes. The Security Sandboxes
page appears with existing sandboxes listed in the table, as shown in
the following example:
In the Security Sandbox field, enter the path and name, using forward slashes, of the directory whose contents you want to protect.
Select the type of sandbox
to create from the Type drop-down list:
Operating System to protect OS-level resources based on privileges
assigned through a Windows NT domain.
ColdFusion to protect resources based on privileges assigned
through a security context.
Click Add. The New Security Sandbox page appears. Fields you see depend on the selected type.
Complete the fields as described in the appropriate table: Operating System or ColdFusion.
|
| |
Field |
Description |
Default |
Location |
This field displays the path and name of the directory that you entered on the Register Security Sandbox page. |
Filled |
NT Domain |
Enter the Windows NT domain to authenticate against in the NT Domain box. |
Blank |
Username |
Enter the username for the user whose privileges you want applied to the sandbox. This user must be a member of the NT domain. |
Blank |
User Password |
Enter the password for the user. |
Blank |
|
| |
Field |
Description |
Default |
Location |
This field displays the path and name of the directory that you entered on the Register Security Sandbox page. |
Filled |
Security Context |
From the drop-down list, select one of your existing security contexts. Contexts appear in alphabetic order. |
First in list |
Username |
Enter the username for the user whose privileges you want applied to the sandbox. This user must be a member of the security context. |
Blank |
Password |
Enter the password for the user. |
Blank |
Click Add. The Register Security Sandbox page appears with the new sandbox.
To edit or delete a security sandbox:
Access the Security Sandboxes page.
In the Security Sandbox table, click the name of the security sandbox. The Edit Security Sandbox page appears. The fields you see depend on the selected type: Operating System or ColdFusion.
To edit the security sandbox, modify the fields as described in the appropriate table: Operating System or ColdFusion, then click Apply. The Register Security Sandbox page appears.
To delete the security sandbox, click Delete. The Security Sandboxes page displays; the deleted sandbox no longer appears in the table.