Disabling Logins Isn’t Enough

Shane O’Neill walks through how disabled unused sysadmin accounts can still compromise your system:

Notice that “Enabler” as part of securityadmin can see the disabled “AllThePower” login?

Great, we can see it, so let’s promote our CopyCat login!

Part of what makes security so hard is that it’s not enough to think of what a single principal can do; it’s what a chain of principals can do.

Related Posts

Why Root Containers are Troublesome

Andrew Pruski explains to us why it can be bad to have a container user running as root: Recently I noticed that Microsoft uploaded a new dockerfile to the mssql-docker repository on Github. This dockerfile was under the mssql-server-linux-non-root directory and (you guessed it) allows SQL Server containers to run as non-root. But why is running a container as […]

Read More

Shared Access Signatures

Arun Sirpal explains what an Azure Shared Access Signature is: Using a Shared Access Signature (SAS) is usually the best way to control access rights to Azure storage resources (like a container for backups) without exposing the primary / secondary storage keys. It is based on a URI and this is what I want to […]

Read More

Categories

November 2016
MTWTFSS
« Oct Dec »
 123456
78910111213
14151617181920
21222324252627
282930