How to address instance scan issue with Record Producer to set role for it and for the script
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-12-2022 01:48 PM
Hi Expert,
Any suggestions how to address the instance security scan issue for record producer as below?
Record producers should be assigned appropriate role, record producer script should secure GlideRecord and/or GlideSystem API calls.
Should just assign a public role to it? But the role field is always hide, also how to address the script security in the record producer?
Thanks lot for your help!
Jerry
- Labels:
-
Platform and Cloud Security
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-22-2023 03:53 AM
If you look at the check's code, it says that all record produces containing server-side code (GlideRecord specifically) in script field should have a role selected in roles field. Honestly, I'm not convinced this makes a lot of sense, I'd rather use user criteria instead. But if you have a record producer that should be available to all your employees, select snc_internal role. If it should be visible to your customers (assuming you have CSM app) select snc_external.