function readOnly(count){ }
Starting November 20, the site will be set to read-only. On December 4, 2023,
forum discussions will move to the Trailblazer Community.
+ Start a Discussion

Global search ignores field-level permissions

Global search does not respect field-level security for Profiles.

In other words, I can completely hide a field from a given profile.  But, a user in that profile can search through that field using Global Search.  All objects whose hidden field matches that search text will be displayed in the Global Search results.

This seems like a serious bug.


Consider salesforce's classic "HR/Recruiting app" example.  A user from whom a "Salary" field is hidden can nonetheless simply enter dollar amounts into Global Search to figure out the field value for every record.

I'm a bit shocked that such a large security hole is present in Global Search, and I think it can't possibly be by design.  I'm so surprised by this behavior that I keep double-checking it, but each time I'm able to search for values in fields that are hidden from my profile.



Salesforce support- I have created case 09471736 to track this issue.


Apparently this is by design.  Per



Users can search for information in fields that are hidden from them by field-level security. When users search for a value in a field hidden from them, search results include the record that contains the field, even though users can't see the field.


So spear-phishing for salary information is the expected behavior of the Global Search feature.


This seems like a big sign saying "do not store sensitive data in salesforce".


Salesforce support replies that (a) yes, it's by design, and (b) if you aren't happy with that, you should promote this Idea:


So I suppose that's that, for now.