Collaborate Disseminate
On Linux, we enforce least privilege through sudo. This gives the best of both worlds: Passwords and accounts are for a person, as they should be, not a role. But we lower risk and exposure by only using privileges when we … Continue reading Best practice on Windows domains: To have a separate admin account or not?
This question already has an answer here:
Docker as a sandbox for untrusted code
2 answers
I wonder about SwarmKit (the o… Continue reading Can a SwarmKit worker node acess something it’s not normally meant to know? [duplicate]
In the name of separation of duties, I was wondering if there is a simple (or even not-so-simple) way of dividing the ability to decrypt an EFS encrypted file such that it would require two DRAs to decrypt the file, while sti… Continue reading Is it possible to separate DRA decryption abilities?
Cloud images of some popular operating systems do not let the user to log in as root, yet they use a very standard user name (for example ec2-user, ubuntu) and allow these users to use passwordless sudo.
What is the reason f… Continue reading Difference between root login and passwordless sudo
Given a service that needs access to some secrets from a config file to start, I can imagine three approaches:
1) Keep the file readable only by root. Start the process as root, read the config and drop privileges.
2) Keep … Continue reading Drop privileges after startup or start as unprivileged user?
My NodeJS script starts a web server on port 8008. I have root access to the machine, but the server’s running as a separate user account with no sudo access, called nodejs.
Since SSL is enabled, it requires access to the pr… Continue reading Controlling private key access for a web server
In this talk on privilege separation, Theo de Raadt explains that OpenBSD’s ntpd has a master process which calls settimeofday(), a DNS process responsible for querying DNS servers, and an NTP protocol process which is respon… Continue reading How does separating concerns into separate processes (without enforcement) help security?
In this talk on privilege separation, Theo de Raadt explains that OpenBSD’s ntpd has a master process which calls settimeofday(), a DNS process responsible for querying DNS servers, and an NTP protocol process which is respon… Continue reading How does separating concerns into separate processes (without enforcement) help security?
In this talk on privilege separation, Theo de Raadt explains that OpenBSD’s ntpd has a master process which calls settimeofday(), a DNS process responsible for querying DNS servers, and an NTP protocol process which is respon… Continue reading How does separating concerns into separate processes (without enforcement) help security?