Collaborate Disseminate
As part of an application that I’m writing, I attempt to resolve an active directory object from Guid to the object’s Distinguished name. For some restricted objects, I must grant my service account additional permissions in order to resol… Continue reading Minimal permissions required to resolve Guid of Active Directory Object
Lets say I have the following setup
Two teams: TeamAlice and TeamBob
A command that requires admin access: admin_command
Two sets of computers: TeamAlice_Computers and TeamBob_Computers
Only TeamAlice has login access to TeamAlice_Comput… Continue reading Permissions, Groups, and Principle of Least Privilege
I want to configure roles (least privilege) on my CA instance (EJBCA) and I’m trying to find what are the best practices to do this.
I’ve tried to read the ETSI EN 319 401 – V2.3.1 standard and try to implement this on EJBCA but it is not … Continue reading Recommendations on PKI roles as per ETSI EN 319 401 – V2.3.1
flatkill has been floating around for a while, and honestly it was the reason I was personally resistant to using flatpak packages for a while.
I’m wondering though, most of the article is written from the perspective that you are installi… Continue reading what are the risk associated with installing flatpaks at user level
flatkill has been floating around for a while, and honestly it was the reason I was personally resistant to using flatpak packages for a while.
I’m wondering though, most of the article is written from the perspective that you are installi… Continue reading what are the risk associated with installing flatpaks at user level
If I get hit with malware while performing daily tasks (e.g. – checking email, web browsing, etc.) with a root shell, the malware will own my machine.
If the aforementioned occurs whilst on a standard account with the ability to run sudo, … Continue reading If browsing the web with root is dangerous, isn’t browsing the web with a sudo enabled account only marginally safer?
Usually people say directly using root account is a very bad idea. However, my current setting is like this: to achieve a higher level of isolation, all services have their own virtual machine instances.
In this scenario, is it okay to sim… Continue reading Can I use root account if every server only runs one service [Debian/Ubuntu Server]
I’m dealing with a system which users will access from multiple devices, with potentially different components of the system being used via each device.
For example, a user may be accessing component A and B on device 1, but only component… Continue reading Multiple accounts per user for different devices
Yes, I did read this answer: https://apple.stackexchange.com/questions/192365/is-it-ok-to-use-the-root-user-as-a-normal-user/192422#192422
But I still fail to understand the reasoning behind this advice, as long as we are talking about a s… Continue reading Why is it not recommended to permanently use the root account for all tasks?
I work in security and often come across situations where a user requests local administrator rights to their machine because 1 program needs to be run as Admin in order to work. Unfortunately, a lot of these programs are critical and so I… Continue reading How to allow limited admin rights to a user/program in Windows [migrated]