Adobe 38043740 - ColdFusion Standard - Mac Manual page 50

You may consider using chmod -R 550 /web instead of 750 if write permission is not needed by ColdFusion
on all files or directories.
# chcon -R --reference=/var/www /web
4.2.3: Specify permissions for ColdFusion Directories
chown -R cfusion:root /opt/coldfusion10/
chmod -R 750 /opt/coldfusion10/
You should consider a more restrictive file permission structure which removes any unnecessary write
permissions. The permissions specified above will allow ColdFusion to have full control over the files in its own
directories as needed by the CF administrator or hotfix installer - a more restrictive approach while more
secure may cause errors in ColdFusion administrator or elsewhere. If you do not make changes in the
ColdFusion administrator and only run the hotfix installer by root you can setup more restrictive file security.
Now to allow access Apache to serve files in the /CFIDE we need to ensure that apache has execute
permissions on all parent folders so that it can traverse the directory structure:
chown cfusion:webservices /opt/coldfusion10/
chown cfusion:webservices /opt/coldfusion10/cfusion/
chown cfusion:webservices /opt/coldfusion10/cfusion/wwwroot/
chmod 710 /opt/coldfusion10/
chmod 710 /opt/coldfusion10/cfusion/
chmod 710 /opt/coldfusion10/cfusion/wwwroot/
chown -R cfusion:webservices /opt/coldfusion10/cfusion/wwwroot/CFIDE/
chmod 750 /opt/coldfusion10/cfusion/wwwroot/CFIDE/
chcon -R --reference=/var/www /opt/coldfusion10/cfusion/wwwroot/CFIDE
4.2.4: Install Apache Connector
As root run the connector installer utility called wsconfig with the following options:
/opt/coldfusion10/cfusion/runtime/bin/wsconfig -ws Apache \
-dir /etc/httpd/conf/ \
-cfide /opt/coldfusion10/cfusion/wwwroot/CFIDE/ \
50