Effect of new security related system properties on Instance Security Center?

Go to solution
Ronald11
Tera Expert

‎07-20-2022 05:09 PM

Hello,

Has anybody encountered yet the new added system properties glide.script_processor.authorized_script_module_role
and glide.sandbox.usersession.allow_unsanitized_messages because it seems that it made our instance give a compliance score of 87. Does anybody have further ideas on the effect of these two added properties?

find_real_file.png

One last thing to add, it was reported to us that penetration test cannot be done does it relate to this too?

Thanks in advance

Labels:
Preview file
9 KB
0 Helpfuls
  • 1,502 Views
1 ACCEPTED SOLUTION

Go to solution
Maik Skoddow
Tera Patron
Tera Patron

‎07-20-2022 05:43 PM

Hi

thanks for reporting these system properties I wasn't are of until now.

The documentation pages for these two properties are:

And reading that documentation I think it makes sense to follow the recommendation provided there.

And you shouldn't stick too much on the compliance score. It is just a number and can vary from instance to instance - always depending on the current customer's scenario. It is more important to document why you have set the properties accordingly.

Your question regarding the penetration test cannot be answered as all the details and background information are missing.

Kind regards
Maik

View solution in original post

6 REPLIES 6

Go to solution
Maik Skoddow
Tera Patron
Tera Patron

‎07-20-2022 05:43 PM

Hi

thanks for reporting these system properties I wasn't are of until now.

The documentation pages for these two properties are:

And reading that documentation I think it makes sense to follow the recommendation provided there.

And you shouldn't stick too much on the compliance score. It is just a number and can vary from instance to instance - always depending on the current customer's scenario. It is more important to document why you have set the properties accordingly.

Your question regarding the penetration test cannot be answered as all the details and background information are missing.

Kind regards
Maik

Go to solution
Ronald11
Tera Expert
In response to Maik Skoddow

‎07-20-2022 07:00 PM

Thanks for the info and your insights. Much appreciated. 

0 Helpfuls

Go to solution
Ronald11
Tera Expert
In response to Maik Skoddow

‎07-20-2022 07:03 PM

Just another question, do you any idea on how to elaborate more on safe override. I cannot catch the idea on the definition provided by service docs. Does it mean that once we set it to true, it cannot be set back to false again? 

https://docs.servicenow.com/bundle/sandiego-platform-administration/page/administer/security/referen...

Thanks in advance

0 Helpfuls

Go to solution
Vasanth Pandia2
Tera Contributor

‎08-09-2022 10:21 PM

Hello,

For the property:  glide.script_processor.authorized_script_module_role

After creating this property and mentioning roles in the value, how do we test this property, that it is restricting script execution?

0 Helpfuls