Effect of new security related system properties on Instance Security Center?

Ronald11
Tera Expert

Hello,

Has anybody encountered yet the new added system properties glide.script_processor.authorized_script_module_role
and glide.sandbox.usersession.allow_unsanitized_messages because it seems that it made our instance give a compliance score of 87. Does anybody have further ideas on the effect of these two added properties?

find_real_file.png

One last thing to add, it was reported to us that penetration test cannot be done does it relate to this too?

Thanks in advance

1 ACCEPTED SOLUTION

Maik Skoddow
Tera Patron
Tera Patron

Hi

thanks for reporting these system properties I wasn't are of until now.

The documentation pages for these two properties are:

And reading that documentation I think it makes sense to follow the recommendation provided there.

And you shouldn't stick too much on the compliance score. It is just a number and can vary from instance to instance - always depending on the current customer's scenario. It is more important to document why you have set the properties accordingly.

Your question regarding the penetration test cannot be answered as all the details and background information are missing.

Kind regards
Maik

View solution in original post

6 REPLIES 6

Maik Skoddow
Tera Patron
Tera Patron

Hi

thanks for reporting these system properties I wasn't are of until now.

The documentation pages for these two properties are:

And reading that documentation I think it makes sense to follow the recommendation provided there.

And you shouldn't stick too much on the compliance score. It is just a number and can vary from instance to instance - always depending on the current customer's scenario. It is more important to document why you have set the properties accordingly.

Your question regarding the penetration test cannot be answered as all the details and background information are missing.

Kind regards
Maik

Thanks for the info and your insights. Much appreciated. 

Just another question, do you any idea on how to elaborate more on safe override. I cannot catch the idea on the definition provided by service docs. Does it mean that once we set it to true, it cannot be set back to false again? 

https://docs.servicenow.com/bundle/sandiego-platform-administration/page/administer/security/referen...

Thanks in advance

Vasanth Pandia2
Tera Contributor

Hello,

For the property:  glide.script_processor.authorized_script_module_role

After creating this property and mentioning roles in the value, how do we test this property, that it is restricting script execution?