Join devRant
Do all the things like
++ or -- rants, post your own rants, comment on others' rants and build your customized dev avatar
Sign Up
Pipeless API

From the creators of devRant, Pipeless lets you power real-time personalized recommendations and activity feeds using a simple API
Learn More
Search - "permissions"
-
Worst hack/attack I had to deal with?
Worst, or funniest. A partnership with a Canadian company got turned upside down and our company decided to 'part ways' by simply not returning his phone calls/emails, etc. A big 'jerk move' IMO, but all I was responsible for was a web portal into our system (submitting orders, inventory, etc).
After the separation, I removed the login permissions, but the ex-partner system was set up to 'ping' our site for various updates and we were logging the failed login attempts, maybe 5 a day or so. Our network admin got tired of seeing that error in his logs and reached out to the VP (responsible for the 'break up') and requested he tell the partner their system is still trying to login and stop it. Couple of days later, we were getting random 300, 500, 1000 failed login attempts (causing automated emails to notify that there was a problem). The partner knew that we were likely getting alerted, and kept up the barage. When alerts get high enough, they are sent to the IT-VP, which gets a whole bunch of people involved.
VP-Marketing: "Why are you allowing them into our system?! Cut them off, NOW!"
Me: "I'm not letting them in, I'm stopping them, hence the login error."
VP-Marketing: "That jackass said he will keep trying to get into our system unless we pay him $10,000. Just turn those machines off!"
VP-IT : "We can't. They serve our other international partners."
<slams hand on table>
VP-Marketing: "I don't fucking believe this! How the fuck did you let this happen!?"
VP-IT: "Yes, you shouldn't have allowed the partner into our system to begin with. What are you going to do to fix this situation?"
Me: "Um, we've been testing for months already went live some time ago. I didn't know you defaulted on the contract until last week. 'Jake' is likely running a script. He'll get bored of doing that and in a couple of weeks, he'll stop. I say lets ignore him. This really a network problem, not a coding problem."
IT-MGR: "Now..now...lets not make excuses and point fingers. It's time to fix your code."
IT-VP: "I agree. We're not going to let anyone blackmail us. Make it happen."
So I figure out the partner's IP address, and hard-code the value in my service so it doesn't log the login failure (if IP = '10.50.etc and so on' major hack job). That worked for a couple of days, then (I suspect) the ISP re-assigned a new IP and the errors started up again.
After a few angry emails from the 'powers-that-be', our network admin stops by my desk.
D: "Dude, I'm sorry, I've been so busy. I just heard and I wished they had told me what was going on. I'm going to block his entire domain and send a request to the ISP to shut him down. This was my problem to fix, you should have never been involved."
After 'D' worked his mojo, the errors stopped.
Month later, 'D' gave me an update. He was still logging the traffic from the partner's system (the ISP wanted extensive logs to prove the customer was abusing their service) and like magic one day, it all stopped. ~2 weeks after the 'break up'.8 -
I need a new 'main' language to do all my projects in as java is kind of grinding away at my psyche.
Golang I liked quite a lot when I used it for my job a year ago, I'll give that a try..
Golang installed and up and working fine.
Oh, I know lets see if there are GLFW bindings for golang. And sure there are lets go!
Oh I need gcc and mingwex + mingw32 which I will acquire through cygwin.
hmm.. mingwex + mingw32 not found and my drive is almost full. I'll reinstall on my D:\ drive before continuing troubleshooting.
> Delete C:\Cygwin Access denied.
> cmd rmdir c:\test /s /q Access denied.
> Change permissions Access denied.
No problem I just don't own this object!
> Change to be the 'object owner' Success!
> Change permissions Success!
> Delete C:\Cygwin Access denied.
> cmd rmdir c:\test /s /q Access denied.
> takeown /F C:\Cygwin /A /R /D Y Success!
> cmd rmdir c:\test /s /q Access denied.
At this point it would be more efficient to manually open up my ssd, and using a fridge magnet change every single bit to be exactly what I want it to be.
Or install linux.7 -
Why I love Salesforce 👀
- Run a test method
- failure: no field found
- checks test, queries field
- checks field security (access permissions) visible to user
- runs test again
- failure: no field found
- adds debug log of queried field
- runs test again
- succes
Thanks, thanks for fucking with me today 🥲6 -
work laptop without admin permissions to install anything, like a text editor, or IDE
why couldn't i have been born to a rich family instead of being a wageslave5 -
FUCKING MICROSOFT IIS SHIT.
I'm a .NET dev since 13 years and EVERY FUCKING TIME STUPID IIS MOTHERFUCKER AND STUPID WINDOWS SERVER have a different problem setting up because of some permission.
You can't never get a site up in IIS without loosing time and patience having weird 400/500.x errors because every fucking machine have to set up some tweaky and hidden permissions.
I have 2 identical fucking win servers and deploying a .NET core applications and on one works (test server) and obviously, on the production server it gives troubles.
FUCK YOU MICROSOFT FUCK YOU I would take the IIS devs personally here and whip them to death until they don't resolve the fucking thing4 -
In my current company (200+ employees) we have 3 guys who deals with everything related to service desk (format computers, fix network issues, help non-tech people...)
The same team is responsible for the AWS accounts and permissions, Jenkins, self hosted Gitlab... anyway, DevOps stuff.
Thing is: only one of them have enough DevOps background to handle the requests from the engineering team (~15 people). Also, he usually do anything "by hand" clicking trough the AWS interface on each account, never using tools like Infrastructure as Code to help (that's why I started to refer to his role only as Ops, because there's no Dev being done there).
Anyway... I asked my manager why that team is responsible for both jobs, despite the engineering guys having far more experience with those tools. He answered with a shamed smile, as he probably questioned the same to his manager:
- Because they are responsible for everything related to our Infrastructure.
Does it make sense for anyone? Am I missing something here? In what universe this kind of organization is a healthy choice?4 -
Infrastructure took away our read access in S3 to data that we own and our ability to manually delete/upload to S3 in that prefix (which we own). Without waiting for us to confirm that we have alternative means to read and change what is in there. And I had no warning about this, so here I am doing a midnight mod on an existing solution of mine in hopes that I can finish it before tomorrow morning for some legal reporting deadline.
Things would be so much easier if the infrastructure team let the emergency support role have those permissions for emergencies like this, but they didn't. I guess "least privilege" means "most time spent trying to accomplish the most trivial of things, like changing a file".8 -
Jesus christ I need my VP and CIO to get their hands out of Azure and GCP and just let me work.
Yes, governance and security and IAM are big deals. That's why you have infraops people like me to deal with that.
I'm literally working with one hand tied behind my back because just about every button press or CLI command I need to do my damn job as a professional cloud fluffer requires me to go bother an executive and ask permission to pretty please can I deploy a new container, can you go press the shiny button? No not that one, move your mouse up...up..now UP..ok over lef-no..can I have mouse control? Sigh fine, do you see where it says "Approvers", no that says "Release Pipeline"
Look I actually kinda like this job, I do, in as much as when I have something to do I get left the fuck alone to do it. Meetings are minimal, aside from the odd days when one of our app services decides to yeet itself into the river Styx, there's little distractions.
Yeah, developers do dumb shit but that's probably best left to the notion of job security and never talked about again less they go to HR and complain that the ops guy was very stern and direct and made the developer take some accountability for their work product.
AND YET
It's so intergalactically stupid that I have to go ask permission just to do ops tasks by the same people barging down my goddamn door asking why the ops task isn't done yet.
"Because you won't give me permissions in GCP to actually DO anything".
Okay. Rant over. Time for lunch. Good meeting, see you all at the holiday party.2 -
- Try to do continuous development
- Can't create new permissions in the application for feature flags, have to contact some IT person
- IT person takes three days to respond
- You are not doing continuous development
- Try again with environment variables
- Environment variables aren't getting built into the code
- Takes two days to figure out why
- You are not doing continuous development
- Enable feature for everyone, fuck this2 -
To give my own old rant here a bit more background:
https://devrant.com/rants/5319171/...
Cloud solutions offline for some customers, a bit longer than a week...
https://theregister.com/2022/04/...
Bamboo release fucked up...
https://jira.atlassian.com/browse/...
They've withdrawn the new release 8.2.0 and instead went for 8.2.1 ...
Well just because you had to give everyone admin rights in an minor release as they fucked up permissions, who cares. -
Dev goals for 2022? Best and worst DX in the past?
Wish to prioritize customers with useful business goals who are open to sustainable web dev, usability and accessibility.
Want to use even more CSS and find a way to use new features like parent selectors without sacrificing compatibility.
Continue learning and using Symfony, but also continue with my full-stack side project using JS or even better TypeScript for the backend also for the backend.
Best developer experience: getting new customers for my own business after leaving a company last winter.
Worst developer experiences:
Corporate customers with large budgets and design agencies seem to fancy all the antipatterns I thought bad and obsolete, like carousel content, animations everywhere, and autoplay videos on the home page. Poorly written, poorly thought, and sometimes contradictory, requirements. Customers and agencies changing their mind halfway through a project.
"Agile" daily meetings, not giving devops necessary repository permissions, and making Webpack mandatory for no real reason.2