Why do we need to remove that statement? sling-scripting is the user that scripting modules should use for reading scripts. Since Sling's "executable" content is in the search paths (which for now are /libs and /apps), I think that by default the sling-scripting user should not be allowed to do more.
On Thu, 6 Oct 2016 at 13:50 Oliver Lietz <[email protected]> wrote: > - it is best practice to avoid "deny", so it should be removed from sling- > scripting (which would allow sling-scripting to read from /content also) > >
