rspec/rules/S4834/ask-yourself.adoc
2020-06-30 17:16:12 +02:00


== Ask Yourself Whether
* Permissions granted to an entity (user, application) allow access to information or functionality that this entity does not need.
* Privileges are easily acquired (e.g. granted based on the user's location or the type of device used, defined by third parties, or granted without approval).
* An inherited permission, a default permission, or the absence of any privilege (e.g. an anonymous user) is enough to access a protected resource.

There is a risk if you answered yes to any of these questions.
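The three questions above map onto concrete authorization logic. The following is an added example written for this page, not SonarSource's rule implementation or any project's code: it contrasts a check that hands out privilege based on request location or a client-reported device type (the "easily acquired" case) with a deny-by-default check that only honours an explicit grant, and it adds a small audit that lists permissions an entity holds but never needs (the first question). The `Principal`, `Resource` and permission-string shapes, as well as the sample principals and resources, are assumptions constructed for the example.

```python
"""Added example for the S4834 "Ask Yourself" checklist.

Not SonarSource's code: the data model and sample data below are
assumptions made for illustration only.
"""
from dataclasses import dataclass
from typing import FrozenSet, Iterable, Set


@dataclass(frozen=True)
class Principal:
    name: str                                  # "anonymous" models an unauthenticated caller
    permissions: FrozenSet[str] = frozenset()  # permissions explicitly granted to this entity
    device_type: str = "unknown"               # client-reported, so attacker-controlled
    internal_network: bool = False             # derived from the request, not from identity


@dataclass(frozen=True)
class Resource:
    name: str
    required_permission: str  # the single permission that grants access


ANONYMOUS = Principal("anonymous")


def is_authorized_weak(principal: Principal, resource: Resource) -> bool:
    """Privilege that is 'easily acquired': access follows from where the
    request comes from or from what the client claims to be, so an
    anonymous caller on the internal network, or any caller that reports
    a 'managed' device, gets in without an explicit grant."""
    if principal.internal_network:           # location-based privilege
        return True
    if principal.device_type == "managed":   # client-controlled attribute
        return True
    return resource.required_permission in principal.permissions


def is_authorized(principal: Principal, resource: Resource) -> bool:
    """Deny by default: only an explicit grant of the exact permission the
    resource requires opens access. Anonymous, inherited or default
    status never does, and request attributes play no part."""
    if principal.name == "anonymous":
        return False
    return resource.required_permission in principal.permissions


def excess_permissions(principal: Principal, resources_used: Iterable[Resource]) -> Set[str]:
    """Least-privilege audit: permissions the entity holds that none of
    the resources it actually uses require (the first question above)."""
    needed = {r.required_permission for r in resources_used}
    return set(principal.permissions) - needed


# Constructed sample data (assumptions for the example).
PAYROLL = Resource("payroll-report", "payroll:read")
USER_ADMIN = Resource("user-admin", "users:manage")

CONTRACTOR = Principal(
    "contractor",
    permissions=frozenset({"payroll:read", "users:manage"}),
    device_type="managed",
)
VISITOR = Principal("visitor", device_type="managed", internal_network=True)


if __name__ == "__main__":
    print("weak  : visitor -> payroll :", is_authorized_weak(VISITOR, PAYROLL))
    print("strict: visitor -> payroll :", is_authorized(VISITOR, PAYROLL))
    print("strict: anonymous -> payroll:", is_authorized(ANONYMOUS, PAYROLL))
    print("contractor excess:", excess_permissions(CONTRACTOR, [PAYROLL]))
```

The weak check answers "yes" to the second and third questions: a visitor with no granted permission is admitted because of the network it connects from, and a self-reported device type is treated as a credential. The strict check answers "no" to both, and `excess_permissions` surfaces a "yes" to the first question when a contractor who only reads payroll reports also holds `users:manage`.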