Enable Blacklist for Attachments

This issue is found automatically by CODA.
Time to fix: 30min

What is this glide property used for?

The glide.security.attachment_type.use_blacklist property controls whether the platform validates attachments against the blacklist. A blacklist is a list of blocked file extensions that are commonly associated with executable files, such as:

  • .exe: Executables - These files carry the .exe extension and are designed to be executed on a computer system, allowing programs or applications to run.

  • .dll: Dynamic Link Libraries - These files carry the .dll extension and contain reusable code and resources that can be shared by multiple programs.

  • .jar: Java Archive files containing Java classes and resources - While .jar files are used for legitimate Java applications, they can also be used to distribute malicious code.

This property is primarily used as a security measure to prevent potentially harmful file types from being uploaded to the ServiceNow instance. By maintaining a blacklist of specific file extensions, administrators can block attachments that are commonly associated with malicious content or known security risks.

Why is this an issue?

When the glide.security.attachment_type.use_blacklist property is set to false, attachments are not validated against the blacklist, so any type of attachment can be added to the instance, including malicious files. This exposes the instance to unauthorized code execution and other security threats.

The attachment blacklist contributes to a defense-in-depth strategy of the instance by providing an additional layer of security. It complements other security measures, such as access controls and vulnerability management.

How do I fix it?

Before setting the glide.security.attachment_type.use_blacklist property to true, it is important to ensure that you have properly configured the glide.attachment.blacklisted.extensions and glide.attachment.blacklisted.types properties.

  • The glide.attachment.blacklisted.extensions property allows you to define a list of file extensions that should be blocked from being attached in ServiceNow.

  • The glide.attachment.blacklisted.types property enables you to specify a set of MIME types that should be blocked.

Once you have configured both of these properties, and provided you have admin access, follow these steps to set glide.security.attachment_type.use_blacklist to true:

  1. In the Filter Navigator, type and enter sys_properties.list.

  2. Search for glide.security.attachment_type.use_blacklist.

  3. Set the Value column to true.
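
The precondition above (both list properties configured before the switch is enabled) can be checked offline against an export of the three properties. This is an added example, not ServiceNow code or part of the original page; the name-to-value mapping, the comma-separated value format, and the sample values are assumptions.

```python
"""Audit the three attachment-blacklist properties from a sys_properties export."""

USE_BLACKLIST = "glide.security.attachment_type.use_blacklist"
EXTENSIONS = "glide.attachment.blacklisted.extensions"
TYPES = "glide.attachment.blacklisted.types"
# Executable-style extensions the page names as typical blacklist entries.
EXPECTED_EXTENSIONS = {"exe", "dll", "jar"}


def split_list(value):
    """Split a comma-separated property value (assumed format) into a normalized set."""
    items = (part.strip().lower().lstrip(".") for part in (value or "").split(","))
    return {item for item in items if item}


def audit(properties):
    """Return a list of findings for a {name: value} mapping of system properties."""
    findings = []
    extensions = split_list(properties.get(EXTENSIONS))
    mime_types = split_list(properties.get(TYPES))
    enabled = (properties.get(USE_BLACKLIST) or "").strip().lower() == "true"

    if not extensions:
        findings.append(f"{EXTENSIONS} is empty or missing")
    else:
        missing = sorted(EXPECTED_EXTENSIONS - extensions)
        if missing:
            findings.append(f"{EXTENSIONS} does not list: {', '.join(missing)}")
    if not mime_types:
        findings.append(f"{TYPES} is empty or missing")
    if not enabled:
        findings.append(f"{USE_BLACKLIST} is not true; attachments are not validated")
    elif not extensions and not mime_types:
        findings.append(f"{USE_BLACKLIST} is true but both lists are empty")
    return findings


# Constructed sample exports (not taken from a real instance).
MISCONFIGURED = {USE_BLACKLIST: "false", EXTENSIONS: "exe, .DLL", TYPES: ""}
HARDENED = {
    USE_BLACKLIST: "true",
    EXTENSIONS: "exe,dll,jar",
    TYPES: "application/x-msdownload,application/java-archive",
}

if __name__ == "__main__":
    for label, props in (("misconfigured", MISCONFIGURED), ("hardened", HARDENED)):
        print(label, audit(props) or "OK")
```

An empty result means the lists are populated and the switch is on; any finding about the list properties should be resolved before step 3.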