Status/Resolution/Reason: Closed/Fixed/Fixed
Reporter/Name(from Bugbase): Matt Smith / Matt Smith ()
Created: 11/22/2017
Versions: 2016,11.0,2018
Failure Type: Non Functioning
Found In Build/Fixed In Build: 2016,0,05,303689 / 312468
Priority/Frequency: Normal / Some users will encounter
Locale/System: ALL / Windows 10 64 bit
Vote Count: 0
Problem Description:
With sandbox security active the getFreeSpace and getTotalSpace functions throw errors.
Steps to Reproduce:
This issue was also reproduced in CF11.
Create file/folder /wwwroot/test/index.cfm
Add the following to line 1: <cfdump var="#getFreeSpace('C:/')#">
With Sandbox Security Off run /test/index.cfm page
Result: 376060624896
Activate Sandbox Security
Restart Coldfusion Server
Add wwwroot/test to Defined Directory Permissions
Under Files/Dirs add Read/Write permissions for C:/.
Run page /test/index.cfm
Actual Result:
Error Thrown
Security: The requested template has been denied access to getFileSystemAttributes.
The following is the internal exception message: access denied ("java.lang.RuntimePermission" "getFileSystemAttributes")
Expected Result:
376060624896
Any Workarounds:
Edit the /cfusion/lib/neo-security.xml file.
Add the node:
<struct><var name='TARGET'><string>getFileSystemAttributes</string></var><var name='ACTION'><string/></var><var name='CLASS'><string>java.lang.RuntimePermission</string></var></struct>
to the runtime permissions section for the /test/ directory.
I added mine after the </struct> tag of the setFactory entry.
Restart Service
Re-execute the /test/index.cfm page and the expected result is shown.Attachments:
Comments: