Default privileges on Windows via SSH or Terminal is nt authority\system #4869
Labels
stale
This issue is like stale bread.
Comments
|
Found an unmerged PR over at https://github.com/coder/coder/pull/3879/files#diff-631d16f5e5ec97f10366bab9ec29c73b91642802f0188da620bc1c186369dfb2R77 which confirms suspicions that our templates should demonstrate the creation of accounts. |
|
This issue is becoming stale. In order to keep the tracker readable and actionable, I'm going close to this issue in 7 days if there isn't more activity. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Uh oh!
There was an error while loading. Please reload this page.
Been playing around with our windows templates and noticed the account used for ssh/terminal by default is
nt authority\systemwhich is the most powerful account possible on windows.Over in our linux templates we practice least privileges by default
coder/examples/templates/gcp-linux/main.tf
Line 104 in 6bfdccd
I think we should evolve the templates towards creating an account that belongs to the administrator group but that decision should not be enforced (if people want to have a windows box without any users we should permit it).
Opening for discussion as to steps.
The text was updated successfully, but these errors were encountered: