|
|
|
|
|
|
by slaymaker1907
1740 days ago
|
|
|
There are programmatic implications for this as well. For example, don't use/trust really long lived tickets with Kerberos and force renegotiation with the AS. This doesn't require much human interaction if you are using keytabs. However, IMO it is much more important to continuously be checking authorization to ensure no funny business is going on rather than relying upon implied permissions. |
|
|