ECL security access options
There are three categories of access options for ECLs.
Categories are:
- What others do (workstation security)
- Using applets
- Using JavaScript™
What others do
Choose from these options when setting up access to workstation data for active content, such as Notes® databases and NSF composite applications.
Options that apply to XPages applications are noted. For more information on XPages security, including use of Active Content Filtering to guard against malicious code being entered into an XPage input control during execution, see IBM® Domino® Designer 9.0.1 Social Edition Help.
Allow access to | If enabled, allows formulas and code to |
---|---|
File system | Attach, detach, read to, and write from workstation files. Also applies to Java™ code executed from XPages applications. |
External code | Run LotusScript® classes and DLLs that are unknown to Notes® |
Current Notes database | Read and modify the current database |
Environment variables | Use @SetEnvironment and @GetEnvironment and LotusScript® methods to access
the NOTES.INI file. Also applies to Java™ System Properties accessed by Java™ code executed from XPages applications. |
Network | Bind to and accept connections on a privileged port (a port outside the range 0 to 1024), and establish connections with other servers. Also applies to Java™ code executed from XPages applications. |
External programs | Access other applications, including activating any OLE object |
Non-Notes databases | Use @DBLookup , @DBColumn ,
and @DBCommand to access databases when the first
parameter for these @ functions is a database driver of another application |
Allow ability to | If enabled, allows formulas and code to |
---|---|
Send mail | Use functions such as @MailSend to
send mail |
Read other Notes databases | Read information in databases other than the current database |
Read from property broker | Read from NSF composite applications |
Modify your Execution Control List | Modify the ECL |
Configure Widget capabilities | Work with widgets, including those created from OpenSocial gadgets. For more information, see the related topic on policies for the OpenSocial component. |
Export data | Print, copy to the clipboard, import, and export data |
Modify other databases | Modify information in databases other than the current database |
Write to property broker | Write to NSF composite applications |
Using applets
Choose from these options when setting up access to workstation data for Java™ applets that run in Notes®:
Allow access to |
If enabled, allows Java™ applets to |
---|---|
File system |
Read and write files on the local file system. |
Notes® Java™ classes |
Load and call the Domino® objects for Java™ and CORBA. |
Network addresses |
Bind to and accept connections on a privileged port (a port outside the range 0 to 1024) and establish connections with other servers. |
Printing |
Submit print jobs. |
System properties |
Read system properties such as color settings and environment variables. |
Dialog and clipboard |
Access the system clipboard. Also disables the security banner that is displayed in the top-level window to indicate that a Java™ applet created the window. Displaying the security banner reminds users not to enter security-sensitive information into a dialog that masquerades as a password dialog, for example. |
Process-level access |
Create threads and threadgroups, fork and run external processes, load and link external libraries, access non-public members of classes using Java™ core reflection, and access the AWT event queue. |
Using JavaScript™
These options control access to workstation data for JavaScript™ that runs in the Notes® client, on a Notes® form or on a Web page rendered by the Notes® browser. These options do not control JavaScript™ run by other browsers, including the Microsoft™ Internet Explorer browser, even when the browser is embedded in the Notes® client.
JavaScript™ ECL settings control whether JavaScript™ code can read and/or modify JavaScript™ properties of the Microsoft™ Windows™ object. You can allow read access from, and write access to, the properties of the Window object. As the top-level object in the JavaScript™ document object model, the Window object has properties that apply to the entire window. Securing access to the Window object secures access to other objects on the page since the JavaScript™ program cannot access the objects further down in the object model hierarchy without first traversing the Window object.
Window object class |
Description |
Default |
---|---|---|
Source window |
Controls JavaScript™ access to the Window object on the same page as the JavaScript™ code. Selecting this option does not prevent a JavaScript™ directly to the object on the source window, because doing so circumvents the Window object; therefore this ECL option is not enforced. |
Allow read and write access |
Other window from same host |
Controls JavaScript™ access to the Window object on a different page from the JavaScript™ code, but from a page using the same host. For example, JavaScript™ code on a page on www.IBM.com can access the Window object on another page on www.IBM.com. This allows two pages to interact if they are within the same frameset. |
Allow read and write access |
Other window from different host |
Controls JavaScript™ access to the Window object on a different page within a frameset that uses a different host. For example, JavaScript™ code on a page on www.IBM.com can access the Window object on a page on any other server. Note: Enabling this option
poses a high security risk because of the possibility of malicious
code on one page of the frameset accessing data on another page. |
Not allow read and write access |
Two additional ECL options control whether JavaScript™ that runs in the Notes® client is authorized to open a new Web page or Notes® document.
Option |
Description |
Default |
---|---|---|
URL on same host |
Controls access for opening a page or Notes® document on the same host as the JavaScript™ code. |
Allow open access |
URL on different host |
Controls access for opening a page or Notes® document on a different host as the JavaScript™ code. |
Not allow open access |