by salmonlogs
1094 days ago
Azure has some really horrible design patterns from a security perspective. If a user creates a resource they have the ability to delete it later, regardless of their permissions. An IT Admin creates a Network/VM/Storage/Whatever and later changes role and has no access to Azure. They can STILL delete that object whenever they want. MSFT Bug Bounty declared it working as expected and by design. Owner can delete anything they own, regardless of permissions and access.