Title:
ColdFusion 2018 Component Inheritance failing with Sandbox Security enabled.
| View in TrackerStatus/Resolution/Reason: Closed/Fixed/Fixed
Reporter/Name(from Bugbase): dakota c. / ()
Created: 10/26/2018
Components: Language, CF Component
Versions: 2018
Failure Type:
Found In Build/Fixed In Build: ColdFusion 2018 Update 1 / 313246
Priority/Frequency: Normal / All users will encounter
Locale/System: / Win 2012 Server x64
Vote Count: 0
Problem Description: Starting in ColdFusion 2018 we're showing that CF is no longer allowing individual applications to utilize component inheritance with Sandbox Security enabled. This only effects applications using Sandbox Security. After ColdFusion is started the first website to access a component object is then the only website on the server that can utilize this component. This causes all other applications attempting to utilize the same component with inheritance to begin failing with a access denied error for "Read" access.
Steps to Reproduce: Attached is a three script test case that you can setup on two separate websites with Sandbox security enabled. After browsing to one of the websites you will see that the second website using the same scripts/component will begin throwing the sandbox security error. This does not occur in earlier versions of ColdFusion. (10, 11, 2016).
Actual Result: Security: The requested template has been denied access to D:/home/testwebsite.com/wwwroot/footest.cfc.
Expected Result: Text output: "test".
Any Workarounds: Disabling Sandbox security for the effected website which is not ideal in a shared environment.Attachments:
Comments: