Lack of Snipex Security - Bug Mark Drew About It

If Mark's anything like me, he tends to getting to things quicker when more and more people bug him about it. If you haven't taken a look at Snipex yet, you should (http://snipex.riaforge.org/). It's a CFC and tiny database schema that allows you to set-up a central repository of CFEclipse snippets. It's a great idea... but unfortunately there's no way to secure it. The CFEclipse plug-in doesn't support challenge/response authentication. Even if you want to put together a quick security hack to secure your company snipex server by requiring a URL variable that only you and your internal employees know about, you're out of luck... the plug-in doesn't appear to support that either.

I already spoke with Mark about the issue recently at CFUnited and he was 100% on-board with the idea that it should be able to run in a secure manner, and I've already created a ticket in the CFEclipse Wiki... but like I said, bugging people makes them do stuff. So if you know Mark, bug him for me!

BTW - I really only blogged about this to make people aware of the fact that if you use a snipex server, you can't easily secure it in it's current state so be careful how/where you deploy it if you need to. Don't give Mark a hard time. We're buddies and I'm sure he'll get to it when he can... AND he's taken on one of the most thankless but important jobs available in the CF Community. Keep up the good work, Mark!