5 points | by rurban 9 hours ago ago
2 comments
Not that I'm an Azure expert, or trust Microsoft to tell the truth...but any privilege with "backup" in its name strikes me as security-critical.
Any experts care to comment?
I think it’s problematic that one permission was automatically adding another high trust permission, that they argued as expected behavior and then they silently changed this behavior, fixing the reported security issue.
Not that I'm an Azure expert, or trust Microsoft to tell the truth...but any privilege with "backup" in its name strikes me as security-critical.
Any experts care to comment?
I think it’s problematic that one permission was automatically adding another high trust permission, that they argued as expected behavior and then they silently changed this behavior, fixing the reported security issue.