Adobe 38043740 Lockdown Guide - Page 10
user grant Read and List Folder Contents Permission. Add the, Advanced Security Settings
![]() |
UPC - 883919135168
View all Adobe 38043740 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 10 highlights
User / Group cfusion (Your ColdFusion Service Identity) Permissions • List folder / read data • Read attributes • Read extended attributes • Read permissions (Add additional write/delete permissions to folders or files that CF must write to) Click the Add button and add the iisservice user grant Read and List Folder Contents Permission. Add the cfusion user and grant Read, List Folder Contents Permission. Grant cfusion Write and Delete permission if your applications make use of the file system via (cffile, cfdirectory, etc). Also give the Administrators full control over this folder, and remove any unnecessary privileges. Check the Replace all existing inheritable auditing entries on all descendants with inheritable auditing entries from this object checkbox to propagate this setting to all sub folders and files existing or created below this folder. Select the Auditing tab in the Advanced Security Settings dialog. Click the Edit button and ensure that some level of auditing exists. Auditing can generate a large amount of logs, and if too verbose can make the job of monitoring the server logs difficult. Auditing every successful file read in this directory may not be necessary. Use your judgement to determine an appropriate auditing policy based on your security requirements. A good minimal policy would be to audit all Fails, and certain Success events (Delete, Change Permissions, etc). 10
![](/manual_guide/products/adobe-38043740-lockdown-guide-7b304c4/10.png)