The Power of Fake Perms

Let's run through a scenario to visualize the beauty of redeemable permissions.

Imagine that in our server no role has been assigned any permissions; roles exist purely for visual/staff identification purposes.

Instead of a role having a permission, a permission can be granted to an individual user.

Now, at any time, the user who has been granted a permission may redeem that permission.

Once redeemed, the user will be temporarily given a role that has been given the specified permission. After the time window has closed, this role will be deleted.

Now, in the event of an account compromise in this scenario, the attacker would have to:

  1. Know about the fake permissions in the first place

  2. Know which permissions are granted to the user account they are on

  3. Know how to redeem the permissions

And in the event they do grant themselves a permission, it will be temporary, and the core protections of Infinit3Guard will mitigate most possible attacks.
