19 Configuring Secure Script Execution
Processors that support direct entry of scripts in JavaScript or Groovy raised security concerns because these processors could access Java classes directly and perform sensitive operations when executed on the EDQ server. To address this issue, EDQ versions before 14.1.2.0.0 could be configured to use the Java Security Manager framework for secure script execution. However, this feature is deprecated in JDK version 17 and later.
EDQ 14.1.2 introduces a configuration property called scriptprocessor.security to control the behavior of direct entry script processors and gadgets. When scriptprocessor.security is set to true, EDQ exhibits the following behavior:
- Groovy scripts are not allowed. You can no longer sandbox Groovy to prevent direct use of Java classes.
- JavaScript scripts cannot reference any Java classes directly.
- Scripts cannot use the importClass and importClassSet functions.
- Scripts by default cannot use any script libraries (loaded by addLibrary).
Note that this enhancement applies only to scripts in direct-entry script processors and gadgets. It does not affect other uses of scripts (for example, triggers).
Using libraries in scripts
When script processor security is enabled, scripts cannot load any of the script libraries provided with EDQ. To enable the use of selected libraries, create a file named libraries.json in localconfig/security/scripting. The JSON file should contain an object keyed by library name. The value associated with each key is an object containing an available attribute. If this is true, the library can be used in scripts.
For example:
{
  "logging": {"available": true},
  "oci": {"available": true}
}
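A pre-enablement check for the rules above, as an added example that is not part of the EDQ documentation or product: it validates the libraries.json structure and flags importClass, importClassSet and addLibrary calls in a script that would be refused once scriptprocessor.security is true. It assumes library names are passed to addLibrary as string literals; the sample file and script are constructed.

```python
import json
import re

# Constructed sample of localconfig/security/scripting/libraries.json.
SAMPLE_LIBRARIES = '{"logging": {"available": true}, "oci": {"available": false}}'
# Constructed sample of a direct-entry JavaScript script.
SAMPLE_SCRIPT = '''\
addLibrary("logging");
addLibrary("oci");
addLibrary("http");
importClass(java.io.File);
var total = 0;
'''

def allowed_libraries(libraries_json):
    """Return the library names marked "available": true; raise on a malformed file."""
    data = json.loads(libraries_json)
    if not isinstance(data, dict):
        raise ValueError("libraries.json must contain an object keyed by library name")
    allowed = set()
    for name, entry in data.items():
        if not isinstance(entry, dict) or not isinstance(entry.get("available"), bool):
            raise ValueError(f"{name}: value must be an object with a boolean 'available'")
        if entry["available"]:
            allowed.add(name)
    return allowed

# Heuristic line scan: it does not detect Groovy or direct Java class references,
# and it will also flag calls that appear inside comments or strings.
CALL = re.compile(r'\b(importClassSet|importClass|addLibrary)\s*\(\s*(?:(["\'])(.*?)\2)?')

def audit_script(source, allowed):
    """Return (line number, reason) for each call refused under scriptprocessor.security."""
    findings = []
    for lineno, line in enumerate(source.splitlines(), start=1):
        for m in CALL.finditer(line):
            func, arg = m.group(1), m.group(3)
            if func != "addLibrary":
                findings.append((lineno, f"{func} is not permitted"))
            elif arg is None:
                findings.append((lineno, "addLibrary with a non-literal name; review by hand"))
            elif arg not in allowed:
                findings.append((lineno, f"library '{arg}' is not enabled in libraries.json"))
    return findings

if __name__ == "__main__":
    for lineno, reason in audit_script(SAMPLE_SCRIPT, allowed_libraries(SAMPLE_LIBRARIES)):
        print(f"line {lineno}: {reason}")
```

Running the audit before setting the property shows which scripts need a libraries.json entry or a rewrite, rather than discovering failures at execution time.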
Preventing infinite loops
Apart from the insecure direct use of Java classes, direct entry scripts have another issue: a user can create an infinite loop. When such a processor is executed, the EDQ server may remain unresponsive indefinitely.
To guard against such loops, you can use the following additional property when you enable script processor security:
script.processor.statement.limit = LIMIT
This sets a limit on the number of script statements that can be executed in a single invocation of the script. The script will fail if the limit is exceeded. Note that you may need to tune and optimize your JavaScript statements to reach a value that does not generate errors for valid scripts.