The JadeSchemaLoader application poses a potential security risk to JADE databases.
If a JADE environment includes a web‑facing application server, the JadeSchemaLoader application can be run by any presentation (thin) client connected to the internet. Such a client could be used to load an arbitrary schema that could include a malicious JADE application that the user could subsequently run to gain access to the JADE database.
You should enable application restrictions to prevent the unauthorized running of the JadeSchemaLoader application. For details, see "
[JadeAppServer]
EnableAppRestrictions=true
AllowSchemaAndApp1=MySchema,MyApp
AllowSchemaAndApp2=MySchema,MyOtherApp
In this example, no RootSchema applications can be run using a presentation client. Only the MySchema applications specified in the AllowSchemaAndApp<n> parameters of the JADE initialization file can be run by presentation clients, whichever application server they connect to.
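
As an added example (not part of the JADE documentation or product), the following Python sketch audits initialization file text for the settings described above and reports any allow-list entry that would re-expose JadeSchemaLoader or a RootSchema application. It assumes case-insensitive section and parameter names, `;` or `#` comment lines, and the `Schema,App` value form shown in the example; the sample text, including the risky third entry, is constructed.

```python
import re

# Constructed sample: the page's example plus one risky entry (assumption).
SAMPLE_INI = """\
[JadeAppServer]
EnableAppRestrictions=true
AllowSchemaAndApp1=MySchema,MyApp
AllowSchemaAndApp2=MySchema,MyOtherApp
AllowSchemaAndApp3=RootSchema,JadeSchemaLoader
"""

def read_section(text, section="JadeAppServer"):
    """Return {lowercased name: (name, value)} for one ini section."""
    values, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in ";#":  # assumed comment markers
            continue
        if line.startswith("[") and line.endswith("]"):
            current = line[1:-1].strip().lower()
        elif current == section.lower() and "=" in line:
            key, _, value = line.partition("=")
            values[key.strip().lower()] = (key.strip(), value.strip())
    return values

def audit(text):
    """Return a list of findings; an empty list means the checks passed."""
    cfg, findings = read_section(text), []
    enabled = cfg.get("enableapprestrictions", ("", ""))[1]
    if enabled.lower() != "true":
        findings.append("EnableAppRestrictions is not set to true")
    for lowered, (key, value) in sorted(cfg.items()):
        if not re.fullmatch(r"allowschemaandapp\d+", lowered):
            continue
        parts = [p.strip() for p in value.split(",")]
        if len(parts) != 2 or not all(parts):
            findings.append(f"{key}: expected Schema,App but found {value!r}")
        elif parts[1].lower() == "jadeschemaloader":
            findings.append(f"{key}: allows JadeSchemaLoader")
        elif parts[0].lower() == "rootschema":
            findings.append(f"{key}: allows RootSchema application {parts[1]}")
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE_INI):
        print("FINDING:", finding)
```

An empty result from `audit` means restrictions are enabled and no listed entry names JadeSchemaLoader or a RootSchema application; it does not check that the listed schemas and applications exist.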