-
Type: Improvement
-
Resolution: Done
-
Priority: Major - P3
-
None
-
Affects Version/s: 2.6.0-rc1
-
Component/s: Security
-
Labels:None
Currently the eval command require all available permissions in order to run. It would be better to only require permissions for the actual operations that is performed by the enclosed script.
This is currently prevented by the way we parse and execute Javascript so it is a non-trivial problem to solve.