Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

I wonder why the original requestor isn't tied to the RBAC access, rather than the tool.

For example, in a database I know both the account that is logged and the OS name of the person using the account. Why would the RBAC not be tied by both? I guess I don't understand why anyone would give access to an agent that has anything but the most limited of access.



Consider applying for YC's Fall 2026 batch! Applications are open till July 27.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: