Collaborate Disseminate
From what I know, it’s a bad practice to login to any workstation or server except domain controllers as a domain admin. I read that mimikatz or other malware can extract the hash of the password from a compromised workstation. What about … Continue reading Are domain admin credentials cached when entered for approving a software installation?
We have our dev & prod env split between AWS (databricks workspaces) and on-prem Linux boxes. Specifically, we have DB instances on-prem and have python code running inside our databricks workspace in AWS that reads/writes to the DB.
W… Continue reading Is is bad that on-prem "prod" DB is accessible/visible from in-cloud dev environment?
As I understand, in a typical LAMP (or be it LEPP) setup, all PHP code is executed using the same user and group ("www" or similar). In a multi-user scenario (e.g. some variant of allowing Linux user accounts to propagate a publi… Continue reading User isolation in LAMP
If there is a program written by a normal user that requires root privileges (eg. a program that interacts with root processes) what is the difference between running this program using sudo vs. changing the program permissions with chown … Continue reading Security difference between changing permissions versus using sudo to execute
I have been thinking of implementing a new practice where local admin privileges are disabled entirely from all endpoints. For users who need to elevate privileges, they will have a separate admin account dedicated and restricted only to t… Continue reading Is there really any benefit in having a separate local admin account
Consider a scenario in which you offer service access based on a hierarchy of authority. i.e., a HEAD can register his subordinates. The authenticated HEAD has the previledge to read and update data from all of his subordinates. Is there a… Continue reading Authorise access to hierarchical data
Someone in my company wants to be granted admin privileges in every single application, infrastructure and network component, just because he is a big IT manager. I don’t have a security background, but it sounds wrong practice. My team is… Continue reading Which security standard or compliance bans admin privileges across all the company systems [duplicate]
The company I work at uses a program on their Windows workstations that runs as the logged-in user but some tasks require elevated privileges. The user must be able to run these without having admin permissions himself.
The current approac… Continue reading Windows service with elevated privileges – Security concern
I’m asking this question with the assumption that anything the user can do, so can malware.
I’m using a third party firewall on my system to control which programs are able to access the internet. However I notice that I – as a limited us… Continue reading How could malware disable third party security software?
Protection rings are different privilege levels granted to software, with the kernel being the most privileged, applications the least privileged, and drivers somewhere in between.
My question is why are they called rings? (… Continue reading Why are Protection Rings called rings?