Question about setting the property 'glide.record.legacy_cross_scope_access_policy_in_script' to "false" vs "true"Issue Question about setting the property 'glide.record.legacy_cross_scope_access_policy_in_script' to "false"vs "true"In the documentation, it saysThis property disables scope fencing, enabling scoped apps to access global script interfaces. Enforcing scope fencing ensures that applications can only access resources explicitly granted or within their designated scope, thereby enforcing the principle of least privilege.https://docs.servicenow.com/bundle/xanadu-platform-security/page/administer/security-center/reference/sc-enable-gliderecord-scope-fencing-legacy-behavior.htmlFactsWhen the property is set to false, the setValue() API is checked for cross-scope access, whether it’s a direct GlideRecord operation or triggered through the Action tab in a Business Rule.Test Case 1var test_rec = new GlideRecord("u_test_scope"); // This application scope onlytest_rec.initialize();test_rec.setValue("u_test_case", "Property is false");test_rec.insert();Errors observed:Security restricted: Access to API 'setValue' from scope has been refused due to the API's cross-scope access policy.Security restricted: Create operation against 'u_test_scope' from scope has been refused due to the table's cross-scope access policy.This error occurs because of the additional cross-scope check enforced at the setValue() level.Property set to trueWhen the property is set to true, the behavior is slightly different.Test Case 2:var test_rec = new GlideRecord("u_test_scope"); // Private tabletest_rec.initialize();test_rec.setValue("u_test_case", "Property is true");test_rec.insert();Error observed:Security restricted: Create operation against 'u_test_scope' from scope has been refused due to the table's cross-scope access policy.In this case, you will only see the table-level cross-scope restriction error, as the additional setValue() check is bypassed when the property is true.The property is evaluated during calls to the setValue() API and enforces cross-scope checks during those calls. Customers should review whether they have cross-scope Business Rules with Action conditions that attempt to set field values in tables that do not permit cross-scope updates.For Script Includes the behavior will continue to be controlled by the "Accessible from" field on the Script include in combination with the Cross-Scope Privilege and Restricted Caller Access Privileges records and settings as before.ReleaseN/ARelated Linkshttps://support.servicenow.com/kb?id=kb_article_view&sysparm_article=KB0779287