Ask Your Question
0

Are there any security policies to control what a script task can do? What happens if there is malicious code inside the Lua or Node.js script task?

asked 2017-12-20 05:02:17 -0600

Yuliya gravatar image

Are there any security policies to control what a script task can do? What happens if there is malicious code inside the Lua or Node.js script task?

edit retag flag offensive close delete

1 Answer

Sort by ยป oldest newest most voted
0

answered 2017-12-20 05:58:32 -0600

SupportProcessMakerIO gravatar image

ProcessMaker I/O environments are fully sandboxed. This means:

  • There is no possibility to cross-contaminate between environments.
  • One environment cannot be used to gain access to other environments.

Of course, like with any cloud compute resource, ProcessMaker cannot control when someone runs a process with scripts in a ProcessMaker I/O environment intended for malicious purposes. However, this is not unique to ProcessMaker: any cloud compute resource could be used maliciously to run data through a ProcessMaker process. Data is encrypted, so we do not know what type of data someone is passing through a ProcessMaker I/O process. Again, this is not unique to ProcessMaker I/O.

edit flag offensive delete publish link more

Your answer

Please start posting your answer anonymously - your answer will be saved within the current session and published after you log in or create a new account. Please try to give a substantial answer, for discussions, please use comments and please do remember to vote (after you log in)!

Add answer

[hide preview]

Question tools

Follow
1 follower

Stats

Asked: 2017-12-20 05:02:17 -0600

Seen: 215 times

Last updated: Dec 20 '17