Execute Program Action - BlackListCommands

Execute Program Action - BlackListCommands

There are certain commands which are vulnerable to security threats in both Windows and Linux operating systems such as del and deltree.
Such commands can be restricted for execution from Execute Program action. By default, we are restricting the below commands:
 
Windows:       deldeltreenetstat
Linux:         chmod, crontab, netstat, rm, chattr
 
Apart from the above mentioned commands, customers can also choose to blacklist any other commands if he intends to. This can be achieved by adding an entry in BlackListCommands.properties file located under <Applications Manager Home>/conf/ directory.
 
Note: Customer has to restart the Applications Manager once he modifies the BlackListCommands.properties file.
 
If the user needs to allow the commands in a single shot without removing them from BlackListCommands.properties file, enable the "Allow Blacklisted Commands" checkbox featured in Action / Alarm Settings under Admin tab.

Example:

If the user tries to use the blacklisted commands while creating and updating the Execute Program Action (without enabling the Allow Blacklisted Commands checkbox), an alert message will popup as shown below:


                  New to ADSelfService Plus?