How to List All Permissions for SQL Server Fixed Database and Server Roles

I am trying to list all current permissions for db_owner and sysadmin for SQL Server 2012. I found these SPs:

EXEC sp_srvrolepermission 'securityadmin' EXEC sp_dbfixedrolepermission 'db_owner' 

However, these are deprecated and only accurate as of SQL Server 2000. Is there an equivalent mechanism to accomplish the same thing today?

reading a file with other read permissions set

For this question assume a file with 604 perms in a directory with 700 permissions. Assume this file exists: /test/file

A non-root user can techincally read that file but in practice to read it the process must be given the pathname to the file, and the kernel will check that the directory /test has the executable bit set. Because it is not set, the read will fail.

If the one does a chmod o+x /test, then a non-root user can do a cat /test/file and read the file. Is there a way to read the file without setting the execute bit on the directory /test.?

Setting user permissions per post

I am trying to assign privileges on posts on a per post basis.

Essentially, I have a custom post type which have authors. They can edit their own posts.

I then have another role, which should be able to edit a subset of those posts bases on a custom field or taxonomy.

I can filter out the posts that appear in the backend using pre_get_posts, and applying a query based on the custom field. However I need to limit specifically edit privileges for each post.

Does anyone know if it’s possible to apply an “editable” filter per post rather than a blanket privilege based on the role?

Thanks!

Applying “principle of least privilege” when it comes to execs and owners of the company – should they automatically get all permissions if requested?

As an administrator of certain systems in a company I understand and adhere to the “principle of least privilege” — which I’m assuming I don’t need to repeat its definition here, so let’s just say people here get given access to systems only in accordance with what they need for their role and no more. I follow that principle and check carefully whether they can have read-only access in order to carry out the role and if so I give read access only, etc.

I had a request from an executive-level (C-suite) person (“Jack”, let’s say) who is actually one of the five co-owners of the company, to get blanket “sysadmin” level access to a particular system. (I am confident the request has come from Jack himself and isn’t a hacking or phishing attempt, as I verified it with Jack directly.)

Jack is far too important and involved with strategic stuff to need to carry out any day-to-day work with this system, especially anything that would need sysadmin level access, but occasionally wants to get involved in “poking around” in there, as he is technical by background.

I get the sense that he doesn’t like the idea that he is “walled off” from some system although he owns part of the company.

I’m not asking about the interpersonal aspects about this, just the info-sec ones.

Is it accepted info-sec practice to give an owner of the company “sysadmin” access and by doing bypass the “principle of least privilege”? — since, after all, Jack (partly) owns the company so it’s all his stuff anyway!

Or should that still apply, and even the CEO shouldn’t have write-access to a system when they don’t need it as part of their job function?

Aspect Permissions and combat

This question and this other question have excellent answers describing the concept of “aspect permissions”. To summarize my understanding of the answers, they explain that aspects shift the boundaries of what’s trivial and what’s impossible for a character, moving actions in and out of what you should roll for. So if the Strongest Man in the World wants to kick down a door they probably don’t need to roll for that, but a character without that aspect probably would. The Strongest Man in the World can lift a heavy gate with a roll, but a character without that aspect couldn’t do it at all. And the aspect doesn’t have to be on a character; asking directions from an NPC probably doesn’t require a roll; asking directions from an NPC that’s part of an Angry Mob at least requires a roll and might be impossible.

So far so good. My question is how this interacts with combat, where rolls are opposed, particularly in games where aspects might significantly influence approach to combat.

Say you have a superhero game, and we have two characters:

  • Alice, who is Precognitive, and has Fight at +2. Game discussion has established that Alice uses her precognition to be a frighteningly effective fighter, but without it she’s only a Fair fighter.
  • Bob, who is Clairvoyant, and has Fight at +2. Game discussion has established that Bob uses his clairvoyance to help the team’s situational awareness, etc., and it doesn’t have a direct combat use.

When Alice and Bob are in combat, without invoking aspects, they’re equally effective at Fighting. But that seems a bit odd; Alice’s aspect should have very strong applicability to combat, but Bob’s doesn’t. That does mean that Alice can probably invoke her Precognitive aspect in combat more often, but now she has to pay a limited resource to make use of something that’s narratively always there, and if Bob can find things to invoke he’s still just as effective. This feels a little odd.

Is this how this is meant to work? Should Alice have assigned skills so that she has a higher Fight to represent her precognition’s assistance? (but then how would you mechanically handle a Power Nullifier?). If aspects with this significant an effect on combat are going to be involved should some kind of extra system be built up around them, like a Powers skill that can be used for anything you use your power to do?

Is it possible to use WeChat (Weixin) more safely in recent versions of Android by using permissions?

I assume that anything written or read on WeChat is read by the government of the People’s Republic of China. I understand the risks of that.

However, I would like to understand the implications of using WeChat for other data on my device. With earlier versions of Android, you had to grant all an app’s permission requests in order to use it, and WeChat demanded every possible permission. More recent versions of the OS allow users to grant or deny permissions in groups. Is there a combination of permissions which would allow WeChat to function as a chat/messenger app, but prevent it from reading other data on my device?

Bell-LaPadula permissions

I have to find Read/Write permissions in this exercise.

  • Security Levels = Low < Medium < High
  • Categories = A, B

Subject: Alice

  • label(Alice) = (M, {A})

Objects:

  • label(o1) = (L, {A,B})
  • label(o1) = (L, {})
  • label(o1) = (M, {B})
  • label(o1) = (H, {A,B})

I draw all information flows:

enter image description here

and so I found the permissions:

  • o1 : none
  • o2 : read
  • o3 : none
  • o4 : write

But the solution will be: none + read + none + none

Where is the problem in my solution?


In the exercise there’s an Access Control Matrix too. But the subject of matrix isn’t Alice but Bob.

  • M[Bob, o1] = RW
  • M[Bob, o2] = R
  • M[Bob, o3] = RW
  • M[Bob, o4] = R

If I consider the ACM for Alice the permission for o4 is None (as solution) because of the DS-Property of BLP model.

Is there a way to find a correct solution without ACM or my Professor was wrong writing the exercise (subject in ACM)?

Thank you for attention. I hope you can help me!

SSRS 2017 permissions required to deploy

I’m having issues with one of our developers deploying reports to SSRS, they seem to be able to deploy datasets, however not reports themselves. As a temporary measure, we’ve granted all privileges e.g. Content Manager, Publisher etc. and also sysAdmin on SQL Server, yet they are not able to deploy reports. However, a developer with what appears to have the same permissions (sysAdmin and all privilleges in SSRS) can deploy without issue. The error message can be seen below:

"The permissions granted to user 'Domain\Username' are insufficient for performing this operation." 

Permissions required for row counts to show up on Object Explorer Details

I’m having a weird security issue. I have a user that’s using SSMS 18.2 on a SQL 2016 server. They are a member of db_datareader but when they pull up the the Row Count column in Object Explorer Details it’s blank. As best I can tell it is requiring DBO in order to get the row counts to show up.

User with read access: enter image description here

User with dbo access: enter image description here

Is this a bug or intentional? Does anyone know if there is a lower level of permissions that will give this row count? I know there are plenty of other ways to get the row count, sys.partitions for example, however the user insists they want to use the OED window.

How can one tell if a binary is safe to give sudo permissions for to an untrusted user?

sudo is sometimes used to give untrusted or “semi-trusted” users the ability to perform certain tasks as root, while not giving them unlimited root access. This is usually done via an entry into /etc/sudoers, specifying which programs can be executed.

However, some programs may provide more (no pun intended) functionality than expected, such as more, less, man or find, which offer to execute other programs – most notably a shell.


Usually, which programs are safe to execute depends on knowledge of the sysadmin. Certain binaries like echo or cat are most likely safe (i.e. don’t allow the user to spawn a shell), while others like the examples above are known to be exploitable.

Is there a way to assess with reasonable confidence whether or not an executable is “safe” when given sudo permissions for? Or is the only way a comprehensive source-code audit?


In response to cat not being safe: Yes, it can be used to read sensitive files as root. In some setups, this may be the intended use-case (e.g. a limited user being able to read as root, but not write).

Furthermore, comments or answers explaining to me that sudo is not the correct way to grant read permissions like this: I know. I am absolutely aware how a file-system should be structured, but due to the nature of my work, I can’t influence how file-systems are structured on those servers. All I can do is to see which recommendation fixes the immediate problem. So please, don’t challenge the frame of the question. I don’t have an XY-problem.