- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-20-2022 05:09 PM
Hello,
Has anybody encountered yet the new added system properties glide.script_processor.authorized_script_module_role
and glide.sandbox.usersession.allow_unsanitized_messages because it seems that it made our instance give a compliance score of 87. Does anybody have further ideas on the effect of these two added properties?
One last thing to add, it was reported to us that penetration test cannot be done does it relate to this too?
Thanks in advance
Solved! Go to Solution.
- Labels:
-
Platform and Cloud Security
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-20-2022 05:43 PM
Hi
thanks for reporting these system properties I wasn't are of until now.
The documentation pages for these two properties are:
- https://docs.servicenow.com/en-US/bundle/sandiego-platform-administration/page/administer/security/r...
- https://docs.servicenow.com/en-US/bundle/sandiego-platform-administration/page/administer/security/r...
And reading that documentation I think it makes sense to follow the recommendation provided there.
And you shouldn't stick too much on the compliance score. It is just a number and can vary from instance to instance - always depending on the current customer's scenario. It is more important to document why you have set the properties accordingly.
Your question regarding the penetration test cannot be answered as all the details and background information are missing.
Kind regards
Maik
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
03-16-2023 02:51 AM
Hi @Vasanth Pandia2 ,
Did you get any inputs on this? If yes, could you please provide some information. I have a requirement to implement this.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-10-2022 08:02 AM
Hi,
We are also trying to implement the new security properties in San Diego, but it looks like there is a problem (KB1124038) with the glide.script_processor.authorized_script_module_role property that will not be fixed until Utah which will prevent us from implement it. I thought I would shared it for others who might also be looking for testing scenarios.
- Eric