Security
These settings control the behaviour of Impact when it encounters macros or unsigned scripts. Scripts might potentially contain malicious code; by signing a script, the author can ensure that it is not executed if anyone has altered the code.
A script is considered unsafe if it does not contain a signature, or the signature does not match the script, or if the signature belongs to an unknown source.
Macros cannot be signed, and therefore are always considered to be unsafe.
Run VB Scripts not marked as safe - choose what should happen each time there is an attempt to execute an unsafe script:
- Disabled (recommended) - generate an error saying that the unsafe script has been blocked.
- Enabled - execute the script without any signature checking. Clearly this is the least secure option.
- Prompt - generate a warning, asking the user whether the unsafe script should be executed.
Scripts having a valid signature will always be executed without any messages.
Run VB Scripts not marked as safe on nServer.
- Disabled (recommended) - unsafe scripts will be blocked.
- Enabled - execute the script
Run IML Macros - choose what should happen each time there is an attempt to execute a macro:
- Disabled (recommended) - generate an error saying that the macro has been blocked.
- Enabled - execute the macro without any messages.
- Prompt - generate a warning, asking the user whether the macro should be executed.
Please see Overview of Automation for more information on scripts and macros.