Secure Scripting for Groovy

mattydebie · January 30, 2019, 12:49pm

Hi everyone!

Today I was looking for a way to secure script tasks. I noticed in the docs that this is possible by using Mozilla’s Rhino which seems to be only javascript.

My question is if there is also a way to secure Groovy scripts? I could not seem to find any…
Some ways could be to run flowable in chroot (this way no rm -rf / could harm the host) but than you could still mess up the flowable installation…

Any and every thought is welcome

Sincerely
Matthias

Robinyo · January 30, 2019, 10:12pm

See:

Also see:

GraalVM and Groovy

rajitjuyal · August 5, 2021, 11:00am

Hi All,
I am also looking for a way to secure groovy scripts.
Is flowable is providing functionality to secure the groovy script, similar to the flowable secure javascript module provided for javascript?

Best Regards,
Rajit

Topic		Replies	Views
Is scripting possible in Flowable Flowable Engine	6	1469	February 11, 2022
Is it possible to compile groovy script task statically Flowable Engine	17	2690	June 19, 2017
Is it possible to use groovy 2.5.4 without any problems? Flowable Engine	2	386	December 29, 2018
Script Task : groovy code not executed	1	1906	January 19, 2018
Secure Scripting: Script task completion issue Flowable Engine	4	1906	December 20, 2016

Secure Scripting for Groovy

Related topics