SECURITY


ECL security access options
There are three categories of access options for ECLs.
What others do

Choose from these options when setting up access to workstation data for active content, such as IBM® Lotus® Notes® databases and NSF composite applications.

Options that apply to Xpages applications are noted. For more information on Xpages security, including use of Active Content Filtering (ACF) to guard against malicious code being entered into an XPage input control during execution, see the Domino Designer Help.
Allow access toIf enabled, allows formulas and code to
File systemAttach, detach, read to, and write from workstation files. Also applies to Java™ code executed from XPages applications.
External codeRun LotusScript classes and DLLs that are unknown to Notes
Current databaseRead and modify the current database
Environment variablesUse the @SetEnvironment and @GetEnvironment variables and LotusScript methods to access the NOTES.INI file. Also applies to Java System Properties accessed by Java code executed from XPages applications.
NetworkBind to and accept connections on a privileged port (a port outside the range 0 to 1024), and establish connections with other servers. Also applies to Java code executed from XPages applications.
External programsAccess other applications, including activating any OLE object
Non-Notes databasesUse @DBLookup, @DBColumn, and @DBCommand to access databases when the first parameter for these @ functions is a database driver of another application
Allow ability toIf enabled, allows formulas and code to
Send mailUse functions such as @MailSend to send mail
Read other databasesRead information in databases other than the current database
Read from property brokerRead from NSF composite applications
Modify your Execution Control ListModify the ECL
Export dataPrint, copy to the clipboard, import, and export data
Modify other databasesModify information in databases other than the current database
Write to property brokerWrite to NSF composite applications

Using applets

Choose from these options when setting up access to workstation data for Java™ applets that run in Lotus Notes:
Allow access toIf enabled, allows Java applets to
File systemRead and write files on the local file system.
Notes Java classesLoad and call the Domino objects for Java and CORBA.
Network addressesBind to and accept connections on a privileged port (a port outside the range 0 to 1024) and establish connections with other servers.
PrintingSubmit print jobs.
System propertiesRead system properties such as color settings and environment variables.
Dialog and clipboard Access the system clipboard. Also disables the security banner that is displayed in the top-level window to indicate that a Java applet created the window. Displaying the security banner reminds users not to enter security-sensitive information into a dialog that masquerades as a password dialog, for example.
Process-level accessCreate threads and threadgroups, fork and run external processes, load and link external libraries, access nonpublic members of classes using Java core reflection, and access the AWT event queue.

Using JavaScript

These options control access to workstation data for JavaScript™ that runs in the Lotus Notes client, on a Lotus Notes form or on a Web page rendered by the Lotus Notes browser. These options do not control JavaScript run by other browsers, including the Microsoft® Internet Explorer browser, even when the browser is embedded in the Lotus Notes client.

JavaScript ECL settings control whether JavaScript code can read and/or modify JavaScript properties of the Microsoft® Windows® object. You can allow read access from, and write access to, the properties of the Window object. As the top-level object in the JavaScript document object model, the Window object has properties that apply to the entire window. Securing access to the Window object secures access to other objects on the page since the JavaScript program cannot access the objects further down in the object model hierarchy without first traversing the Window object.

Window object classes are described in the following table:
Window object classDescriptionDefault
Source windowControls JavaScript access to the Window object on the same page as the JavaScript code. Selecting this option does not prevent a JavaScript directly to the object on the source window, because doing so circumvents the Window object; therefore this ECL option is not enforced.Allow read and write access
Other window from same hostControls JavaScript access to the Window object on a different page from the JavaScript code, but from a page using the same host. For example, JavaScript code on a page on www.lotus.com can access the Window object on another page on www.lotus.com. This allows two pages to interact if they are within the same frameset. Allow read and write access
Other window from different hostControls JavaScript access to the Window object on a different page within a frameset that uses a different host. For example, JavaScript code on a page on www.lotus.com can access the Window object on a page on any other server.

Note Enabling this option poses a high security risk because of the possibility of malicious code on one page of the frameset accessing data on another page.

Not allow read and write access
Two additional ECL options control whether JavaScript that runs in the Lotus Notes client is authorized to open a new Web page or Lotus Notes document. You can enable open access for these options, described in the following table:
OptionDescriptionDefault
URL on same hostControls access for opening a page or Notes document on the same host as the JavaScript code.Allow open access
URL on different hostControls access for opening a page or Notes document on a different host as the JavaScript code.Not allow open access
Related topics