Tuesday, November 9, 2010

Security Finetuning

Ok, I get the whole "least privileges" model. In fact, given the number of mouth-breathers I've had the "pleasure" to work with over the years, I'm a big fan of it. However, in order for it to work, you have to set it up right. If you're giving me ownership of one part of a larger system, then I should have full rights to that component. Disabling certain features I might need just doesn't make sense.

As a "ferinstance", why the fuck would the security settings on the iLO prevent "acquire" actions when a java crash will leave your session stuck open?? Nothing quite like trying to hop back on your server's "console" only to be told that it's still in use, elsewhere.

No comments:

Post a Comment