Restricted LotusScript and Java agent operations

Note that restricted operations are available only to users with unrestricted access; restricted operations are not available to users with restricted access.

The ability to use the LotusScript® or Java™ backend class methods to create new or replica databases is controlled by the "Create New Databases" and "Create Replica Databases" fields in the Server document in the Domino® Directory.

Classes and methods in this table also apply to remote Java/JavaScript programs that access server based Domino objects over CORBA/IIOP. User access is controlled by the server document fields "Run Restricted Java/Javascript" and "Run UnRestricted Java/Javascript" found under the heading "IIOP Restrictions."

Table of restricted backend class and method

Task

LotusScript

Java

Using a disk-based log file

NotesLog OpenFileLog(path)

Log openFileLog(path)

Using Environment variables

NotesSession GetEnvironmentString()

NotesSession SetEnvironmentVar()

NotesSession GetEnvironmentValue(SystemVariable,true)

Session getEnvironmentString()

Session SetEnvironmentVar()

Session GetEnvironmentValue(SystemVariable,true)

Encrypting or signing

NotesDocument Sign()

NotesDocument Encrypt()

Document sign()

Document encrypt()

Embedded Object manipulation

NotesRichTextItem EmbedObject()

NotesEmbeddedObject ExtractFile(path)

RichTextItem embedObject()

EmbeddedObject extractFile(path)

Table of restricted programming language operations

Task

LotusScript statement

Java

File I/O

Chdir

Chdrive

close

curdir

dir

eof

fileattr

filedatetime

filelen

freefile

get

getfileattr

input

input #

inputb

line input #

loc

lock s

lof

mkdir

Open

reset

rmdir

seek

setfileattr

unlock

width

write

No file I/O operations allowed

Network I/O

N/A

No network I/O operations allowed

Setting system date/time

Date and Date$ Time and Time$

N/A

Calling a "C" routine

External C calls Declare

Users with unrestricted access must also set the NOTES.INI parameter "JavaUserClasses" to the file name of the class file that contains the native methods. For example, use JavaUserClasses= c:\notes\MyJavaClasses. This overrides a security restriction of the Agent class loader, which does not allow classes with native methods to be loaded.

Executing another application

ActivateApp

Shell

Not allowed