KCM Core Developer's GuideDocument compositionITPRun commandMaster Templates running in a sandbox content

Master Templates running in a sandbox content

By default, KCM Core 4.4 packages run Master Templates in a sandboxed environment. The sandbox prohibits any statements and functions that could interface with the server, the file system, such as WRITE, or the environment, such as session_parameter.

You can configure the sandbox in three modes:

  • Pre-flight validation

    Any Master Template that contains prohibited statements or functions is blocked before it is started.

    To enable this mode, add the setting ITPSANDBOX=Y to the ITP.CFG file. This mode is the default for new installations of KCM Core.

The validation performed before the startup is based on a static analysis during compilation. Code that cannot be executed blocks the Master Template. Code blocked based on parameters is permitted, but will be blocked during execution.

  • Dynamic validation

    Any Master Template is checked during execution. When the Master Template tries to execute a prohibited statement or function, it is terminated. As this check is performed dynamically during execution, some functions are blocked only when they try to execute a prohibited operation but could be permitted with a different combination of parameters. For example, insert_image will be blocked if the image is read from a file, but permitted if the image is read from the Data Backbone.

    To enable this mode, add the setting ITPSANDBOX=L to the ITP.CFG file.

  • Disabled

    All checks are disabled. Master Templates are allowed to use all features of the Template scripting language.

    To enable this mode, add the setting ITPSANDBOX=N to the ITP.CFG file. This mode is default for KCM Core 4.2.3 and older versions.

    The sandbox configuration is applied globally to all jobs for the KCM Core instance. All KCM Document Processors must be restarted to apply a changed setting.