I have no idea how to title this post. Oh well.

A few years back I worked somewhere that had a large breach. Many practices changed in the wake of it. Developers actually had admin access prior to the change which was very nice. In an effort to restrict access but also let folks do their jobs they deployed some tool that would start all programs that “needed” admin access as an admin. This included cmd for the devs. So every time I opened cmd I had to be careful not to break something since there was no way to launch it without admin access after that change.

  • dbx12
    link
    fedilink
    arrow-up
    9
    ·
    5 months ago

    But… with cmd running as admin, you can spawn any application with admin permissions. That whole concept sounds horrible…