Warning when downloading an OML

Since we currently have a large influx of new users on the forum that love to ask for solutions in OML format, I think we need to have some form of notification about the risks of doing so.

Please add a notification before the actual download informing the user that an OML can contain malicious code and that you should not import the OML in your Enterprise Environment.

Malicious code will almost always be run via a timer that is started On Deployment. Malicious actions can be:

  • Uploading information about your environment (or data) to an external source. 
  • Creating user accounts to gain access now (or later).
  • Providing access to your environment via an API or screen.
  • Running a SQL query that can delete your data.
  • and a whole lot more

Perhaps it hasn't happened until now (perhaps it has), but it is better to be informed and warned before it is too late.

Hi Vincent Koning,

I agree with you. This may have a timer creating multiple users while publishing the attached OML. Many of them can be done while publishing. There should be something programmed to avoid having timers, or something like that. I appreciate your idea.

Thanks 

Prince

Hi Vincent,

Good idea.

I would say the warning should not be limited to when one downloads and imports an OML, but it should be a warning before 1CP if there is a timer that will run On Deployment.

Regards,

Daniel

Hi Daniel,

Malicious execution by Timer is just one vector. You can also hide malicious code in actions so it can happen at any time. As for deployment, you can also deploy the OML via Service Center.

So I'll stick with the notification at first but it can't hurt to also add a notification in Service Studio when opening the OML (and where the 1cp is disabled until activated, just like external documents in MS Office. You first need to make a conscious decision before you can edit external files). And for Service Center we add another notification that you need to approve before deployment. 

Something like that?

I think it is a good idea. And I like Vincent's suggestion to trigger the notification.

Regards

It would be nice to have a warning similar to Visual Studio Code. If you're not completely confident in the author, you could open an OML in a read-only mode to prevent accidental module publication. 

But as Vincent suggests there needs to be something if you open an external OML or OAP file.



Very good observation!

I agree, users should be warned before downloading to avoid potential security breaches.