Verifying UDF Rules for Blocked Modules and Methods
If you use UDFs in Rule definitions, verify whether they use any of the blocked modules and methods. Blocking is a security best practice that restricts UDF code to safe modules and methods.
After installing the DSG, ensure that you note the following points:
- Verify if any of the following blocked modules and methods are defined in the Source Code option in the UDF rules:
  - blocked_modules: pip, install, commands, subprocess, popen2, sys, os, platform, signal, asyncio
  - blocked_methods: eval, exec, dir, import, memoryview
- If any of the blocked modules or methods are defined in the Source Code option in the UDF rules, then use either of the following options:
  Option 1: Remove the module/method from the gateway.json file.
  Note: Removing blocked modules and methods exposes the DSG system to security risks if any UDF code misuses these otherwise blocked modules or methods.
  Option 2: Edit the UDF rule to override the blocked module using the override_blocked_modules parameter.
  Note: Overriding blocked modules exposes the DSG system to security risks if any UDF code misuses these otherwise blocked modules.
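One way to run the verification step above over a UDF's Source Code text, as an added example that is not part of the product or its documentation: it parses the source with Python's ast module and reports imports of blocked modules and calls to blocked methods. The function name find_blocked and the sample UDF are constructed for illustration. It assumes the UDF source parses as Python 3 and that the page's "import" entry refers to the __import__ built-in; the gateway's own matching may differ.

```python
import ast

# Lists copied from the page above.
BLOCKED_MODULES = {"pip", "install", "commands", "subprocess", "popen2",
                   "sys", "os", "platform", "signal", "asyncio"}
BLOCKED_METHODS = {"eval", "exec", "dir", "import", "memoryview"}
# Assumption: the page's "import" entry is matched against __import__ calls.
CALL_ALIASES = {"__import__": "import"}


def find_blocked(source):
    """Return sorted (line, kind, name) findings for one UDF source string."""
    findings = set()
    for node in ast.walk(ast.parse(source)):
        if isinstance(node, ast.Import):
            names = [alias.name for alias in node.names]
        elif isinstance(node, ast.ImportFrom):
            names = [node.module or ""]
        else:
            names = []
        for name in names:
            top = name.split(".")[0]  # "os.path" counts as "os"
            if top in BLOCKED_MODULES:
                findings.add((node.lineno, "module", top))
        if isinstance(node, ast.Call):
            func = node.func
            # Plain call (eval(...)) or attribute call (builtins.eval(...)).
            called = func.id if isinstance(func, ast.Name) else getattr(func, "attr", None)
            called = CALL_ALIASES.get(called, called)
            if called in BLOCKED_METHODS:
                findings.add((node.lineno, "method", called))
    return sorted(findings)


# Constructed sample UDF body, for illustration only.
SAMPLE_UDF = '''\
import json
import os.path
from subprocess import check_output

def transform(value):
    data = json.loads(value)
    return eval(data["expr"])
'''

if __name__ == "__main__":
    for line, kind, name in find_blocked(SAMPLE_UDF):
        print(f"line {line}: blocked {kind} '{name}'")
```

A static scan like this does not see names that are assembled at run time, so an empty result is a first pass rather than proof that a UDF is clean.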