Questions tagged [privileged-account]

A user account with permissions to perform administrative actions within an operating system or application.

On Windows, administrative actions are protected by the User Account Control (UAC) feature. A "privileged account" is one that has one or more admin powers within the UAC framework.

On Linux, OS X, and other Unix variants, a "privileged account" is either root or an account with rights to use sudo.

An application can have privileged accounts such as admin that are capable of special functions like user account administration or unrestricted data alteration.

70 questions
1 vote, 1 answer

Risk of Docker backdoor allowing impersonation

I am a junior web developer. All I know is mostly about web development. I have no skills and knowledge about system security and know little about Linux. I work in a company which is developing some embedded product. In the R&D department, some…
1 vote, 2 answers

Insider threat mitigation SQL databases

I support a number of applications, some of which have SQL databases. There are a number of scripts (mostly PowerShell/bash) to check the state of an application to see if it's considered healthy. Some of these scripts make calls out to the SQL…
bain2236
1 vote, 1 answer

Running jobs as local administrator vs domain administrator and their risks

I know for best practices we should always give an account least privilege and use that account to run jobs etc. However, our Windows jobs often require elevated privileges in order to perform the required task. How do you deal with jobs that must…
Pang Ser Lark
1 vote, 3 answers

Is "permission (role) granting" safer than giving direct access to primary account?

The role assignment is an excellent feature over the various platforms (Google, GitHub, Facebook, etc.). However, I've been thinking about a specific security "threat" which might arise from that. Let's say, Nick is someone with my absolute…
T.Todua
1 vote, 3 answers

Do large companies storing private user data ensure no single insider can abuse user data? If so, how?

Let's say we have a large company X which stores private user information. For example an e-mail provider, or social network provider. I mainly have GMail and Facebook in mind. So the company has thousands of employees. Let's further suppose that X…
1 vote, 1 answer

MySQL Information schema column_privileges empty

I can try some SQL injection against an ad-hoc damn web application in my virtual environment for educational purposes. In one of these I obtain the table column_privileges (of MySQL Information schema) empty, I retrieve the table but the fields are…
Bob
1 vote, 3 answers

Maintain User Privileges After Shutdown in Windows XP?

Is it possible, in Windows XP, to maintain user privileges of a command shell after a reboot? For example, I'm running as a non-privileged account LocalMachine\Pete, but have a shell running as LocalMachine\System. I want to maintain the privileges…
Petey B
1 vote, 1 answer

Privilege usage checks

What does it mean that "the permission system does not include checks for transitive privilege usage" (quote from a paper on Privilege Escalation Attacks on Android)? Android grants app privileges during installation, but (as above) there's no some…
lunar
1 vote, 2 answers

Why do websites still suffer from OS injections if by default web-servers are not assigned a shell?

So even if there is some poorly written PHP which allows a shell_exec() and that someone disabled safe mode on it, what exactly are the risks? Do admins just change the default group or are most attacks coming from other forms of web applications…
whatever489
1 vote, 4 answers

Is it safer to be set up as a user with 'standard' vs 'administrative' privileges in Windows 10?

I am setting up a relative's computer using Windows 10. I am going to create them a 'standard user' account which I will encourage them to use as their everyday account. In addition to that I will create a password protected 'administrator…
n00b
1 vote, 3 answers

Root access and malware

Would it help to defend against malware if I use a less privileged Windows 7 account for my day-to-day work?
David Bryant
0 votes, 1 answer

What's a least-privilege way to allow node.js to access network adapters on Linux?

Linux naturally restricts all but superuser from pulling traffic directly from network adapters. In the case of Wireshark/dumpcap, setuid root is used ONLY for dumpcap, restricting the privileges needed for Wireshark run by the user: Wireshark has…
0 votes, 1 answer

Limiting account access based upon NIC used to connect on Linux

I have a server which has multiple NICs (ignoring redundant pairs): 'inward' facing production (connects to other servers); 'outward' external facing production (connects out to the internet via a DMZ), 'outward' internal facing production…
0 votes, 1 answer

How should privileged accounts be secured in both Linux and Windows?

I have recently started work in application security at a mid-sized firm, having transitioned away from 5+ years in security consulting (pentesting, etc). One of the biggest challenges I see here from the start is that security scanners and other…
0 votes, 3 answers

Protecting local admin password against 3rd party software

I'm using a standard user account and then run whatever as administrator so that I type in administrator password... I wonder if potentially undetected malicious software such as a trojan is able to log my administrator account password and use the…
codekiddy