Infinit3Guard
  • Home
    • About
    • Core
    • Utilities
  • setup
    • Tutorial
    • The Power of Fake Perms
  • Security Handbook
    • Staying Safe
    • Threat List
  • Data Preservation
    • Storage/Logging
Powered by GitBook
On this page
  1. setup

The Power of Fake Perms

Lets run through a scenario to visualize the beauty of redeemable permissions.

PreviousTutorialNextStaying Safe

Last updated 2 years ago

Imagine in our server we have not assigned permissions to any roles, and they are purely for visual/staff identification purposes.

Instead of a role having a permission, a permission can be granted to a individual user.

Now, at any time, the user who has been granted a permission may redeem that permission

Once redeemed, the user will be temporarily given a role that has been given the specified permission. After the time window has closed, this role will be deleted.

Now in the event of a account compromise, in this scenario, the attacker would have to:

  1. Know about the fake permissions in the first place

  2. Know which permissions are granted to the user account they are on

  3. Know how to redeem the permissions

and in the event they do grant themself a permission, it will be temporary, and the core protections of Infinit3Guard will mitigate most possible attacks.