AnsweredAssumed Answered

Sandboxing script task

Question asked by robi_m on Mar 6, 2014
Latest reply on Mar 10, 2014 by frederikheremans1
Spring app with Activiti engine embedded runs server-side. I need to secure (sandbox) user-defined scripts deployed on demand. The only Activiti-related doc I found describes how to limit ScriptTask's Spring beans visibility (=white list) but this is obviously not enough - e.g. a malicious user can just import Java io and read sensitive info etc., etc.

Thoughts?

Outcomes