From 2f1771db0f2e9936aa0e98e8874a637655610081 Mon Sep 17 00:00:00 2001 From: Lucifer <108731648+shivamvish160@users.noreply.github.com> Date: Sun, 19 Oct 2025 21:05:08 +0530 Subject: [PATCH 1/3] Create README.md --- .../ACL Audit Utility/README.md | 24 +++++++++++++++++++ 1 file changed, 24 insertions(+) create mode 100644 Server-Side Components/Background Scripts/ACL Audit Utility/README.md diff --git a/Server-Side Components/Background Scripts/ACL Audit Utility/README.md b/Server-Side Components/Background Scripts/ACL Audit Utility/README.md new file mode 100644 index 0000000000..04abb187a4 --- /dev/null +++ b/Server-Side Components/Background Scripts/ACL Audit Utility/README.md @@ -0,0 +1,24 @@ +# ACL Audit Utility for ServiceNow + +## Overview + +This script audits Access Control Lists (ACLs) in your ServiceNow instance to identify potential security misconfigurations. It helps ensure that ACLs are properly configured and do not unintentionally expose sensitive data. + +## Features + +- Detects **inactive ACLs** +- Flags ACLs with **no condition or script** +- Warns about **public read access** (ACLs with no roles assigned) +- Logs findings using `gs.info()` and `gs.warning()` for visibility + +## Usage + +1. Navigate to **System Definition >Scheduled jobs** in your ServiceNow instance. +2. Create a new Script Include named `ACL_Audit_Utility`. +3. Paste the contents of `code.js` into the script field. + + +## Notes + +- This script does not make any changes to ACLs; it only audits and logs findings. +- You can extend the script to send email notifications or create audit records in a custom table. From 44e47325a51aad2cd39cd34d72c9db8ba3e627f5 Mon Sep 17 00:00:00 2001 From: Lucifer <108731648+shivamvish160@users.noreply.github.com> Date: Sun, 19 Oct 2025 21:05:36 +0530 Subject: [PATCH 2/3] Create code.js --- .../ACL Audit Utility/code.js | 31 +++++++++++++++++++ 1 file changed, 31 insertions(+) create mode 100644 Server-Side Components/Background Scripts/ACL Audit Utility/code.js diff --git a/Server-Side Components/Background Scripts/ACL Audit Utility/code.js b/Server-Side Components/Background Scripts/ACL Audit Utility/code.js new file mode 100644 index 0000000000..02e60b78e1 --- /dev/null +++ b/Server-Side Components/Background Scripts/ACL Audit Utility/code.js @@ -0,0 +1,31 @@ + + // Description: Audits ACLs for potential misconfigurations and logs findings. + + var grACL = new GlideRecord('sys_security_acl'); + grACL.query(); + + while (grACL.next()) { + var aclName = grACL.name.toString(); + var type = grACL.type.toString(); + var operation = grACL.operation.toString(); + var active = grACL.active; + + // Check for ACLs that are inactive + if (!active) { + gs.info('[ACL Audit] Inactive ACL found: ' + aclName + ' | Operation: ' + operation); + continue; + } + + // Check for ACLs with no condition or script + var hasCondition = grACL.condition && grACL.condition.toString().trim() !== ''; + var hasScript = grACL.script && grACL.script.toString().trim() !== ''; + + if (!hasCondition && !hasScript) { + gs.warning('[ACL Audit] ACL with no condition or script: ' + aclName + ' | Operation: ' + operation); + } + + // Check for ACLs granting 'read' access to 'public' + if (operation === 'read' && grACL.roles.toString() === '') { + gs.warning('[ACL Audit] Public read access detected: ' + aclName); + } + } From 7c453bdf4f9cc65566f2c20666cde8c6abe7229c Mon Sep 17 00:00:00 2001 From: Lucifer <108731648+shivamvish160@users.noreply.github.com> Date: Sun, 19 Oct 2025 21:06:50 +0530 Subject: [PATCH 3/3] Update README.md --- .../Background Scripts/ACL Audit Utility/README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Server-Side Components/Background Scripts/ACL Audit Utility/README.md b/Server-Side Components/Background Scripts/ACL Audit Utility/README.md index 04abb187a4..5b00ff6efa 100644 --- a/Server-Side Components/Background Scripts/ACL Audit Utility/README.md +++ b/Server-Side Components/Background Scripts/ACL Audit Utility/README.md @@ -13,7 +13,7 @@ This script audits Access Control Lists (ACLs) in your ServiceNow instance to id ## Usage -1. Navigate to **System Definition >Scheduled jobs** in your ServiceNow instance. +1. Navigate to **System Definition >Scripts - Background** in your ServiceNow instance. 2. Create a new Script Include named `ACL_Audit_Utility`. 3. Paste the contents of `code.js` into the script field.