๐ Confused Deputy Problem
๐ Computing
๐ Computer Security
๐ Computer Security/Computing
๐ Computing/Software
In information security, a confused deputy is a computer program that is tricked by another program (with fewer privileges or less rights) into misusing its authority on the system. It is a specific type of privilege escalation. The confused deputy problem is often cited as an example of why capability-based security is important.
Capability systems protect against the confused deputy problem, whereas access-control listโbased systems do not.
Discussed on
- "Confused Deputy Problem" | 2023-10-18 | 11 Upvotes 2 Comments