I'm trying to understand what this actually overides in terms of security. I have two tables of which 1 is accessible to a privilege set call Web with the abilty to run scripts create records and access certain layouts. In the first file, the privilege set is able to initiate one of the scripts that calls a sub-script with the option "Run with full access". In this scripts it calls another sub script that is located in the second file which is also run with "full access". The privilege set is restricted in the second file.

Question: does the option "full access" overide all restrictions in regard to:

layout access

record creation

field access

Or are these processes still bound by the overall security defined by the account and privilege set?

It's a bit like "sudo" in unix: it allows the process to temporarily have root user privileges.

While the script runs it allows full access to everything. So the script can write to fields that might otherwise be inaccessible, or create or delete records. But once the script ends the extra privileges end too.

Be aware that if you use a script running as full access to edit records, the edits will appear to have been done by the full access user.

That's what I thought.

Now I have to try and figure out why it's not able to create a new record when the scripts have the option "Full Access" selected.

This process confers privileges on the script, not on the user running the script. And a script running with full access privileges in File A cannot perform full access options in File B. It can, however, run a script in File B with full access privileges that accomplishes that purpose.

HTH

Steven

Hi Steven,

Yes, I'm familiar with this. The script in File A is calling a script in File B both of which have "Full Access" option.