tex: add more stuff on zero trust
This commit is contained in:
parent
4794060cd0
commit
321586c21f
SSH Key Fingerprint:
SHA256:Dp8+iwKHSlrMEHzE3bJnPng70I7LEsa3IJXRH/U+idQ
@ -1211,7 +1211,9 @@ are bound to the first password change. Of course, the evil administrator could
|
|||||||
just perform the change themselves; however, the user would at least be able to
|
just perform the change themselves; however, the user would at least be able to
|
||||||
find those changes in the activity logs and know not to use the application.
|
find those changes in the activity logs and know not to use the application.
|
||||||
But given the scenario of a total database compromise, the author finds all
|
But given the scenario of a total database compromise, the author finds all
|
||||||
hope is already lost at that point.
|
hope is already lost at that point. At least when the database is dumped, it
|
||||||
|
only contains non-sensitive, functional information in plain test, everything
|
||||||
|
else should be encrypted.
|
||||||
|
|
||||||
Consequently, both the application operators and the in-application
|
Consequently, both the application operators and the in-application
|
||||||
administrators should never be able to learn the details of what the user is
|
administrators should never be able to learn the details of what the user is
|
||||||
|
|||||||
Reference in New Issue
Block a user