Servicenow acl query

Aditya08
Kilo Sage

4 hours ago

Hi everyone, I’ve noticed that some properties/records which are restricted to be updated only by the maint role in the UI can still be modified using Scripts – Background. Is this expected platform behavior due to elevated script execution privileges, or is there a recommended way to prevent such updates? I’m trying to understand the security best practices around controlling admin/script-level changes and whether additional ACLs or governance controls are typically used

 

 

Aditya08_0-1770804543322.png

 

 

After background script :

 

Aditya08_1-1770804582435.png

 

Background script: 

Aditya08_2-1770804599860.png

 

 

I also look at its acl then i got ACL Like write access is only for nobody role,still it will get updated by background script 

 

Aditya08_3-1770805557391.png

 

Aditya08_4-1770805568345.png

 

 

 

 

0 Helpfuls
  • 46 Views
1 REPLY 1

Ankur Bawiskar
Tera Patron

4 hours ago - last edited 4 hours ago

@Aditya08 

you are using GlideRecord and it doesn't evaluate ACL

If you use GlideRecordSecure, it checks ACL and you won't be allowed to update

Try that once

GlideRecordSecure | GlideRecord vs GlideRecordSecure | When to use GlideRecordSecure 

💡 If my response helped, please mark it as correct and close the thread 🔒— this helps future readers find the solution faster! 🙏

Regards,
Ankur
Certified Technical Architect  ||  9x ServiceNow MVP  ||  ServiceNow Community Leader
0 Helpfuls