Enable scoped admin application ACLs [Updated in Security Center 1.3]
The glide.security.scoped_administration.honor_global_acl determines whether an application administration app can inherit global access control list (ACL) rules.
This property is especially useful when there are no scoped admin application ACLs defined for the record scope.
Set glide.security.scoped_administration.honor_global_acl to true to prevent a low privileged user with permissions to the application to potentially access sensitive records.
More information
| Attribute | Description |
|---|---|
| Property name | glide.security.scoped_administration.honor_global_acl |
| Configuration type | System Properties (/sys_properties_list.do) |
| Category | Access control |
| Purpose | Controls ACL access rule in scoped admin application. |
| Recommended value | True |
| Default value | True |
| Configuration type | Boolean |
| Security risk | (Low) When the property value is true and there are no scoped admin application ACLs defined for the record scope, the global ACLs will be honored. If set to false, with no scoped admin application ACLs defined for the record scope, ACL checks will be ignored. |
| Security risk rating | 3.8 |
| References | Access control rules in application administration apps |
To learn more about activating a plugin, see Activate a plugin