The "then" part is java. Your question can thus be reformulated as "preventing java code for doing dangerous operations". One of basic solution is to run your java code (containing drools or not) under a specific user (not root) that only have rights for some specific folders. As I think you already think of that, another approach can be done by using drools-verifier. This is a module (which can be executed with "verify" under Guvnor, but can also be executed in a standalone program) that take rules, cut into statements, and launch rules to check rules statement (looking for contradictions for example). May be you can use this approach to look in "then" part if some statements are forbidden (like deleting a file). Or if your users only edit rules via Guvnor, they will only have access to chat is imported in the package configuration (then you can just don't import the File class). Of course, don't let them the right to edit the package configuration ... Le 09/02/2012 18:34, Shur, Bob a écrit :