Restrict allowed Java packages [Updated in Security Center 1.3]
Configuring these properties protect from dangerous APIs being exposed to the scripting engine.
Configure the system tables and install the recommended plugin accordingly.
If the sys_whitelist_member and sys_whitelist_package table are not empty values, then dangerous APIs may be exposed to the scripting engine. Entries correspond to the Java namespace that have not been approved by ServiceNow security teams.
Install the Packages call removal tool. See Packages call removal tool for details.
Contact Customer Service and Support to edit these tables.
More information
| Attribute | Description |
|---|---|
| Table, plugin name | Tables:
|
| Configuration type | Tabular Configuration, Plugins |
| Category | Validation, sanitization, and encoding |
| Purpose | Protect from dangerous APIs being exposed to the scripting engine. |
| Recommended value | Empty |
| Default value | None. This is a table configuration and not a Glide Property, so there is no default value. |
| Configuration type | table list, plugin |
| Security risk | (High) Dangerous APIs may be exposed to the scripting engine. These supported APIs will likely introduce instability and insecurity within the instance. |
| Security risk rating | 8.2 |
To learn more about adding or creating a system property, see Add a system property.