Enforce field ACLs for inbound query requests

Watch

Save as PDF

Share this page

Feedback

HomeYokohama Platform securityPlatform SecurityHardening settingsArchitecture, design, and threat modelingEnforce field ACLs for inbound query requests

Table of Contents

Enforce field ACLs for inbound query requests

Release version:
Yokohama
Xanadu
Washington DC
Vancouver
UpdatedJan 30, 2025
1 minute read

Yokohama
Platform Security

Manage how incoming queries are validated on your instance.

Use the glide.export.query.enforce_field_acl property to check how incoming queries are validated on your instance. If the property is set to the recommended value of true, field ACLs are checked against incoming queries, and rejected if the user is unauthorized. If the property is set to false, ACLs are not checked against incoming queries and continue to execute which can lead to information disclosure to unauthorized parties.

More information

Search:


Attribute	Description
Configuration name	glide.export.query.enforce_field_acl
Configuration type	System Properties (/sys_properties_list.do)
Data type	boolean
Recommended value	true
Default value	true
Category	Architecture, design, and threat modeling
Security risk	Severity score: 4.4 CVSS score: Medium Security risk details: If this property is set to false, ACLs are not checked against incoming queries which can lead to information disclosure.
Dependencies and prerequisites	None

Yokohama Platform security

Filters

Versions

Products