Enforce field level ACLs in GlideRecordSandbox

  • Release version: Yokohama
  • Updated January 30, 2025
  • 1 minute to read

    • Manage field level ACLs in GlideRecordSandbox on your instance.

    Use the glide.sandbox.fields.check_acl property to enforce field level ACLs in GlideRecordSandbox. An example in which this property is applied is when a user can provide a script, like in sysparm_query. If this property is not set to the recommended value of true, ACL restrictions can be bypassed, which enables sensitive data to be compromised, such as a sys_user.user_password from an unauthorized user.

    Warning:
    The value for this property is a no DB override. It can't be altered or overridden.

    More information

    Attribute Description
    Configuration name glide.sandbox.fields.check_acl
    Configuration type System Properties (/sys_properties_list.do)
    Data type boolean
    Recommended value true
    Default value true
    Category Access control
    Security risk
    • Severity score: 7.5
    • CVSS score: High
    • Security risk details: Setting this property to false enables ACL restrictions to be bypassed which could expose sensitive data.
    Dependencies and prerequisites None