tracker issue : CF-4203416

select a category, or use search below
(searches all categories and all time range)
Title:

ColdFusion 2018 Component Inheritance failing with Sandbox Security enabled.

| View in Tracker

Status/Resolution/Reason: Closed/Withdrawn/Duplicate

Reporter/Name(from Bugbase): dakota c / ()

Created: 10/26/2018

Components: CFComponent

Versions: 13.0

Failure Type: Others

Found In Build/Fixed In Build: ColdFusion 2018 Update 1 /

Priority/Frequency: Normal / All users will encounter

Locale/System: ALL / Win 2012 Server x64

Vote Count: 0

Problem Description: Starting in ColdFusion 2018 we're showing that CF is no longer allowing individual applications to utilize component inheritance with Sandbox Security enabled. This only effects applications using Sandbox Security. After ColdFusion is started the first website to access a component object is then the only website on the server that can utilize this component. This causes all other applications attempting to utilize the same component with inheritance to begin failing with a access denied error for "Read" access.

Steps to Reproduce: Attached is a three script test case that you can setup on two separate websites with Sandbox security enabled. After browsing to one of the websites you will see that the second application using inheritance will begin throwing the sandbox security error. 

Actual Result: Security: The requested template has been denied access to D:/home/testwebsite.com/wwwroot/ddtest.cfc.

Expected Result: Text output: "test".

Any Workarounds: Disabling Sandbox security for the effected website which is not ideal in a shared environment.

Attachments:

Comments: