Limitations of the rule sandbox security model

The rule sandbox security model has several limitations:

• The following DoS attacks can occur:
  • Infinite sleep keeping the worker thread locked. Over time, such rules silently take all threads and starve the application.
  • Infinite loop consuming CPU cycles and slowing down the machine.
  • Writing a large amount of data to the event log and slowing down the application.
  • Allocating a large amount of memory.
• Clinical data corruption can use the legitimate interface of the Rule Application Model.
• Due to human error, the incorrect public key can be installed into the certificate store and establish trust for a bad user-defined function assembly.