In Strategy Web the file to be imported is treated as a data file which is read by importing code.
The file imported would not get into address space as code such as DLL or library, even if users change the suffix of an executable file into CSV or Microsoft Excel.
For other security mechanisms, starting 9.3.0 the following new configuration parameters have been introduced under the project mechanism for data import:
