You are working on a functional bug in a tool used by your development organization. In your investigation, you find that the tool is executed with a security policy file containing this grant.
What action should you take?
A.
Nothing, because it is an internal tool and not exposed to the public.
B.
Remove the grant because it is excessive.
C.
Nothing, because it is not related to the bug you are investigating.
D.
File a security bug against the tool referencing the excessive permission granted.
E.
Nothing, because listing just the required permissions would be an ongoing maintenance challenge.
Chosen Answer:
This is a voting comment (?). You can switch to a simple comment. It is better to Upvote an existing comment if you don't have anything to add.
Submit