Security Settings
The COMSOL software includes security settings for controlling access to, for example, system properties, file systems, and runtime security settings from methods and external libraries, primarily for use in applications created using the Application Builder.
If you have configured a permanent security policy when installing the COMSOL software, none of these security settings are available.
The following security settings are available on the Security page in the Preferences window (the top four checkboxes are selected by default):
Select the Allow batch jobs checkbox to allow batch jobs. This restriction affects the Batch, Batch Sweep, Cluster Computing, and Cluster Sweep nodes in the COMSOL Desktop model tree.
Select the Allow running methods checkbox to allow running applications that include methods. If you clear this checkbox, it is not possible to run methods in applications.
Select the Allow running applications checkbox to allow running applications in general. If you clear this checkbox, it is not possible to run any applications.
Select the Allow settings forms checkbox to allow settings forms and dialog forms in the Model Builder. If you clear this checkbox, an error message appears if you try to create a new settings form or show a dialog form.
From the Allow external libraries list, choose No (the default), Yes, or Ask to allow external C libraries to be called from methods in an application, directly or by first asking, or not.
From the Allow external MATLAB® functions list, choose No (the default), Yes, or Ask to call functions written in MATLAB (requires LiveLink™ for MATLAB®), directly or by first asking, or not. If you change this preference setting, click Clear Functions in the Settings window for a MATLAB function node before running a simulation that calls MATLAB functions.
On the Methods and Java Libraries subpage:
The Enforce security restrictions checkbox is selected by default. The following settings are available for easing parts of the restrictions on methods and Java libraries (none selected by default):
-
Select the Allow access to system properties checkbox to allow methods and Java libraries to read and write values to system properties such as System.getProperty("cs.np"), which can be used to determine the number of cores that COMSOL Multiphysics currently uses.
-
Select the Allow changes to the runtime system checkbox to allow methods and Java libraries to change the runtime system — for instance, by modifying class loaders.
-
From the File system access list, select Temporary and application files (the default) to restrict methods and Java libraries to only have access to such files, or select All files to allow methods and Java libraries to access all files that you have permissions to access on the file system.
-
Select the Allow external processes checkbox to allow applications to start external processes on the computer. This includes using the built-in executeOS() method.
The external process security settings refer to method code being able to launch arbitrary executables, not COMSOL or its LiveLink products launching their helper executables.
-
Select the Allow access to network sockets checkbox to allow methods and Java libraries to open sockets for network access.
-
Select the Allow control of the network authentication method checkbox to allow methods and Java libraries to control the network authentication method used.
-
Select the Allow access to classes through reflection checkbox to allow access to all members in a class through reflection.
-
Select the Allow access to runtime security settings checkbox to allow methods and Java libraries to access security settings.
-
Select the Allow access to Model Manager databases checkbox to allow methods and Java libraries to access Model Manager databases, including both reading and writing data.
To allow methods and Java libraries to run with security completely disabled, clear the Enforce security restrictions checkbox.
On the Internet subpage:
Select the Use a restrictive security policy for model files downloaded from the internet checkbox to use a restrictive security policy (Mark of the Web) for model and app files downloaded from the internet.
Under Trusted sites, you can add internet sites that you want the COMSOL Multiphysics software to consider as trusted when the restrictive security policy is enabled. By default, the apps and models on the COMSOL Application Gallery web pages (www.comsol.com/model/, www.comsol.de/model/, and so on) are considered as trusted. Click the Add button () to add a row for entering another trusted site. Use the Move Up (), Move Down (), and Delete () buttons as required.
If a model or app file originating from an untrusted site is opened in the COMSOL Desktop, a banner appears, notifying you that the security preferences have been temporarily restricted. You can click the Remove Restrictions button in the banner or on the Security subpages in the Preferences window, if desired, to restore the normal values and close the banner. If you keep the restrictions, then the settings on the Security subpages in the Preferences window are disabled.
If the security preferences are using a restrictive security policy for model files downloaded from the internet, clicking the Factory Settings button will not take effect for the concerned pages until the restrictions are removed.
This functionality is not available on Linux.