Applying “principle of least privilege” when it comes to execs and owners of the company – should they automatically get all permissions if requested?

As an administrator of certain systems in a company I understand and adhere to the “principle of least privilege” — which I’m assuming I don’t need to repeat its definition here, so let’s just say people here get given access to systems only in accordance with what they need for their role and no more. I follow that principle and check carefully whether they can have read-only access in order to carry out the role and if so I give read access only, etc.

I had a request from an executive-level (C-suite) person (“Jack”, let’s say) who is actually one of the five co-owners of the company, to get blanket “sysadmin” level access to a particular system. (I am confident the request has come from Jack himself and isn’t a hacking or phishing attempt, as I verified it with Jack directly.)

Jack is far too important and involved with strategic stuff to need to carry out any day-to-day work with this system, especially anything that would need sysadmin level access, but occasionally wants to get involved in “poking around” in there, as he is technical by background.

I get the sense that he doesn’t like the idea that he is “walled off” from some system although he owns part of the company.

I’m not asking about the interpersonal aspects about this, just the info-sec ones.

Is it accepted info-sec practice to give an owner of the company “sysadmin” access and by doing bypass the “principle of least privilege”? — since, after all, Jack (partly) owns the company so it’s all his stuff anyway!

Or should that still apply, and even the CEO shouldn’t have write-access to a system when they don’t need it as part of their job function?

“john –format=md5” caused “Unknown ciphertext format name requested” error

  • This is known md5 hash for Kioptrix: Level 1.1 (#2)

Linux unshadow file

wolf@linux:~$   cat md5hash.txt  root:$  1$  FTpMLT88$  VdzDQTTcksukSKMLRSVlc.:0:0:root:/root:/bin/bash john:$  1$  wk7kHI5I$  2kNTw6ncQQCecJ.5b8xTL1:500:500::/home/john:/bin/bash harold:$  1$  7d.sVxgm$  3MYWsHDv0F/LP.mjL9lp/1:501:501::/home/harold:/bin/bash wolf@linux:~$    

md5hash only

wolf@linux:~$   cat md5hash_only.txt  $  1$  FTpMLT88$  VdzDQTTcksukSKMLRSVlc. $  1$  wk7kHI5I$  2kNTw6ncQQCecJ.5b8xTL1 $  1$  7d.sVxgm$  3MYWsHDv0F/LP.mjL9lp/1 wolf@linux:~$    

Since I know that these are md5 format, I used --format=md5 option in john.

Unfortunately, I’m getting Unknown ciphertext format name requested error.

wolf@linux:~$   john --format=md5 md5hash.txt  Unknown ciphertext format name requested wolf@linux:~$     wolf@linux:~$   john --format=md5 md5hash_only.txt  Unknown ciphertext format name requested wolf@linux:~$    

I’ve verified that the format is similar with pentestmonkey cheat-sheet

Any idea what’s wrong here?

Connection Information To perform the requested action – Is there an easy way to fix this?

It’s been about one year since I created my last WordPress website. I’m using GVO as my host and was able to install WordPress without any problems but when I try to change themes or add plugins I get this message.

Connection Information To perform the requested action, WordPress needs to access your web server. Please enter your FTP credentials to proceed. If you do not remember your credentials, you should contact your web host.

When I enter my ftp information, wordpress says that I have the wrong username/pw or it says that the folder wp-content doesn’t exist.

Is there an easy way to fix this problem in 2020 that doesn’t require having to go into the websites code?

I’ve noticed the same messages with my other GVO websites so I’m also wondering if it’s an issue with their server?

Thank you,

Jeremy

The property or field ‘ItemCount’ has not been initialized. It has not been requested or the request has not been executed

I have the following code inside our server-side event receiver, the code should connect to a sharepoint online list and get the total number of items, here is the code:-

   try    {      currentItem["Status"] = "Pending";      if (currentItem.ContentType.Name.ToLower().Contains("project"))         {             using (ClientContext context = new ClientContext("https://***.sharepoint.com/"))            {              string s = "***";              SecureString passWord = new SecureString();              foreach (var c in s)              passWord.AppendChar(c);              context.Credentials = new SharePointOnlineCredentials("admin@****.onmicrosoft.com", passWord);              List list = context.Web.Lists.GetByTitle("Project");              context.ExecuteQuery();              var countItems = list.ItemCount;            }          }    }    catch (Exception e)    {      var errormessage = e.Message;    } 

but i am getting this exception:-

Microsoft.SharePoint.Client.PropertyOrFieldNotInitializedException was caught   HResult=-2146233079   Message=The property or field 'ItemCount' has not been initialized. It has not been requested or the request has not been executed. It may need to be explicitly requested.   Source=Microsoft.SharePoint.Client.Runtime   StackTrace:        at Microsoft.SharePoint.Client.ClientObject.CheckUninitializedProperty(String propName)        at Microsoft.SharePoint.Client.List.get_ItemCount()        at OrderManagement.EventReceiver1.EventReceiver1.ItemUpdated(SPItemEventProperties properties)   InnerException:  

So can anyone advice how i can fix this issue?

The page you requested is temporarily unavailable. We apologize for the inconvenience, please check back in a few minutes

I am adding and updating 56 columns(include people picker column) and 4999 rows in sharepoint list through excel using rest api but after some time i get throttle temporary issue and it does not update or add all data. “The page you requested is temporarily unavailable. We apologize for the inconvenience, please check back in a few minutes”

CUPS Error – Canon MF633cdw printing beyond (doble) of the requested number

I installed CUPS on Linux Mint 19. x and after installing the printer via Cups, two things happened: (1) The printer remains installed in CUPS even though I have reinstalled Mint on my notebook, did not need to reinstall, is already there fixed. If I try to reinstall 2 printers appear the same on the system. (2) When I send a file to print, it multiduplicates the number of pages requested, example: if I request 2 copies of the file, I receive 4; If I ask 4, I receive 16 and so on. I already tried reinstalling CUPS, I deleted and reinstalled the printer, I already reseted the printer and nothing solves! Please help!

Server application to hold PGP private keys and decrypt as requested

I don’t know if what I’m talking about exists, or if the concept doesn’t make any sense, or even if it’s just a stupid question. I’m developing a small integration for our business which receives files that have been encrypted by our PGP public key. Obviously I want to decrypt those files with our PGP private key.

In the ideal scenario, any machine running the integration would be able to contact a centralised server and ask it to decrypt a given file using the private key (probably by providing some credentials). Does such a software exist, and if so what is it called?

The alternative is that I’ll need to pass the private key between multiple machines, which is less than ideal.

The requested URL /trans4orient/wp-admin/ was not found on this server. Apache/2.4.29 (Ubuntu) Server at localhost Port 80

I have a problem. I have a site on the directory /var/www/monsite but when I made url to access my site I found the following error Not Found

The requested URL /trans4orient/wp-admin/ was not found on this server. Apache/2.4.29 (Ubuntu) Server at localhost Port 80