Enforce Strict User Image Upload

Release version: Australia

Updated March 12, 2026

1 minute to read

Use the glide.security.strict.user_image_upload property to enable Access Control for the upload/update of a profile picture when performed on a user record.

If the glide.security.strict.user_image_upload system property isn't set to the recommended value of true, then ACLs aren't enforced on image uploads to the Photo field. When the property is set to true, the table ACLs are enforced when uploading photos, only allowing authorized users to upload an image.

Ensure that the property glide.security.strict.user_image_upload is set to true.

More information


Attribute	Description
Configuration name	glide.security.strict.user_image_upload
Configuration type	System Properties (/sys_properties_list.do)
Data type	Boolean
Recommended value	true
Default value	true
Fallback value	true
Category	Access control
Security risk	Severity score: 3.7 CVSS rating: Low Security risk details: An unauthorized user may upload an image to another user's profile.
Functional impact	No functionality impact as authorized users are still able to upload images to their user profile.
Dependencies and prerequisites	None