
Using privileged mode (SetPrivilegedMode)

| Type | Scope | Severity | Activated by default | Minutes to fix | Tags |
|---|---|---|---|---|---|
| Security Hotspot | BSL | Major | Yes | 1 | suspicious |

Description

The diagnostic finds code that enables privileged mode. In external code, such as external reports or data processors, this action may be unsafe.

The found sections of code must be analyzed: a manual audit of the code must be performed to confirm that it is correct and safe.

The diagnostic finds calls to the SetPrivilegedMode method. A call to SetPrivilegedMode(False) is ignored.

Any export procedures and functions that perform actions on the server with privileged mode set unconditionally beforehand are potentially dangerous, because this disables the access rights check for the current user. Export procedures and functions of the client API of the 1C:Enterprise server require special attention.

For example, wrong:

    Procedure ChangeData(...) Export

        SetPrivilegedMode(True); // Disable permission check
        // Change data in privileged mode
        ...
    EndProcedure

Correct:

    Procedure ChangeData(...) Export

        // Changing data
        // (at the same time, if the user does not have enough rights to perform an operation on the data, an exception will be raised)
        ...
    EndProcedure

The exception is when the action performed by the procedure must be allowed (or the return value of the function must be available) to absolutely all categories of users.

If you still need to use privileged mode within a method, you must control access manually using the VerifyAccessRights method.

An example of pre-checking before performing actions in privileged mode:

    Procedure ChangeData(...) Export

        VerifyAccessRights(...); // If the user has insufficient rights, an exception will be thrown
        SetPrivilegedMode(True); // Disable permission check

        // Change data in privileged mode
        ...
    EndProcedure
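Filling in the `...` of the correct pattern above, an added example that is not part of the BSL Language Server documentation: an export procedure that first verifies a concrete right on the same metadata object it is about to modify, and only then enables privileged mode. The procedure name, the Products catalog and its Price attribute are assumptions.

```bsl
// Added example (not from the BSL Language Server docs). The catalog
// Products and its attribute Price are assumed to exist in the configuration.
Procedure UpdateProductPrices(ProductRefs, NewPrice) Export

    // Manual access check before privileged mode. The right checked here
    // must match what the privileged code does below (Update on Products),
    // otherwise the check is meaningless. An exception is raised if the
    // current user lacks the right, so the privileged block is never reached.
    VerifyAccessRights("Update", Metadata.Catalogs.Products);

    // Privileged mode applies only inside this procedure and is reset on exit.
    SetPrivilegedMode(True);

    BeginTransaction();
    Try
        For Each ProductRef In ProductRefs Do
            ProductObject = ProductRef.GetObject();
            ProductObject.Price = NewPrice;
            ProductObject.Write();
        EndDo;
        CommitTransaction();
    Except
        RollbackTransaction();
        Raise;
    EndTry;

EndProcedure
```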

Examples

    SetPrivilegedMode(True); // error

    Value = True;
    SetPrivilegedMode(Value); // error

    SetPrivilegedMode(False); // no error

Sources

Snippets

Suppressing the diagnostic in code

    // BSLLS:SetPrivilegedMode-off
    // BSLLS:SetPrivilegedMode-on

Parameter for config

    "SetPrivilegedMode": false