by PoignardAzur 1954 days ago
I think that's part of what security people mean by "zero-trust security".

Instead of building a giant moat and assuming that everyone who got past the moat is trusted, assume that everyone is untrusted by default, and build a capability system that's expressive enough that you can give everyone just enough capabilities that they can do their job without going through a bunch of pointless checks.

In practice that model is unpopular because corporations tend to screw up the latter part.

1 comments

Yeah, honestly, I hate the truth that this compartment-based system is the best method for security. I never have the access to do my job, and it's a constant frustration to get access. Also, it makes for really uninteresting problems to solve. Instead of using something interesting to secure our systems, like cryptography, the most effective method is just phishing tests, employee training, and web form fuzzing. Cryptographic innovation is part of the solution, but at a certain business level, it's just about training.