Everything has admin access, a storytime post (programming.dev)

submitted 1 month ago by JackbyDev@programming.dev to c/programming_horror@programming.dev

2 comments fedilink hide all child comments

I have no idea how to title this post. Oh well.

A few years back I worked somewhere that had a large breach. Many practices changed in the wake of it. Developers actually had admin access prior to the change which was very nice. In an effort to restrict access but also let folks do their jobs they deployed some tool that would start all programs that "needed" admin access as an admin. This included cmd for the devs. So every time I opened cmd I had to be careful not to break something since there was no way to launch it without admin access after that change.

top 2 comments

sorted by: hot top controversial new old

[-] best_username_ever@sh.itjust.works 8 points 1 month ago

I worked for a company that removed admin access on our dev machines. To be admin, we had to send an email to a foreign country and wait an hour to get a token that could only be used once.

Since I was the most productive employee (lazy bastards), I needed to be admin ten times a day. They quickly changed their decision and gave me full access to my computer again after I flooded them with admin requests and comments like “I can’t work.”

The company fired everyone later because humans cost money but that was fun while it lasted.

[-] dbx12@programming.dev 8 points 1 month ago

But... with cmd running as admin, you can spawn any application with admin permissions. That whole concept sounds horrible...

this post was submitted on 08 Jul 2024

27 points (100.0% liked)

Programming Horror

1634 readers

1 users here now

Welcome to Programming Horror!

This is a place to share strange or terrible code you come across.

For more general memes about programming there's also Programmer Humor.

Looking for mods. If youre interested in moderating the community feel free to dm @Ategon@programming.dev

Rules

Keep content in english
No advertisements (this includes both code in advertisements and advertisement in posts)
No generated code (a person has to have made it)

Credits

Icon base made by Lorc under CC BY 3.0 with modifications to add a gradient

founded 1 year ago

MODERATORS

Vacant@programming.dev