From the course: Node.js: Security
Overview of broken access control - Node.js Tutorial
Overview of broken access control
- [Instructor] Broken access control vulnerabilities arise when applications fail to enforce proper restrictions on user permissions, allowing unauthorized individuals to access, modify, or delete data and perform actions beyond their intended privileges. This can lead to unauthorized information disclosure, data tampering, or even complete system compromise. Common examples include insecure direct object references, which is also called IDOR, where users can access data by manipulating identifiers, and privilege escalation, where users gain higher level access than permitted. Implementing access control mechanisms and adhering to the principle of least privilege are essential to mitigate these risks. So let me demonstrate through a code example. So I'm going to minimize this. And I'm going to go in the exercise files, chapter one, video 01_03, and I'm going to drop this into my Visual Studio Code here. I'm going to start with insecure code. I'm going to show this to you. So as you can…
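The two patterns named in the transcript, IDOR and privilege escalation, shown side by side with a hardened form of each. This is an added example, not the course's exercise file; the invoice store, the session objects and all function names are constructed for illustration, and the handlers are plain functions rather than routes in any particular framework.

```javascript
// Constructed sample data: invoices and the users who own them.
const invoices = new Map([
  [101, { id: 101, ownerId: 1, total: 250 }],
  [102, { id: 102, ownerId: 2, total: 990 }],
]);

// Constructed server-side sessions. The role lives here, never in the request.
const sessions = {
  alice: { userId: 1, role: "user" },
  bob: { userId: 2, role: "user" },
  root: { userId: 9, role: "admin" },
};

// INSECURE: any authenticated caller gets whatever id they ask for (IDOR).
function getInvoiceInsecure(session, invoiceId) {
  const invoice = invoices.get(Number(invoiceId));
  return invoice ? { status: 200, body: invoice } : { status: 404 };
}

// HARDENED: deny by default; allow only the owner or an admin.
function getInvoiceSecure(session, invoiceId) {
  if (!session) return { status: 401 };
  const invoice = invoices.get(Number(invoiceId));
  if (!invoice) return { status: 404 };
  const allowed =
    invoice.ownerId === session.userId || session.role === "admin";
  // Same 404 for "missing" and "not yours", so ids cannot be enumerated.
  return allowed ? { status: 200, body: invoice } : { status: 404 };
}

// INSECURE: trusts a role supplied in the request body (privilege escalation).
function deleteInvoiceInsecure(session, body) {
  if (body.role !== "admin") return { status: 403 };
  return { status: invoices.delete(Number(body.invoiceId)) ? 204 : 404 };
}

// HARDENED: the role is read from the server-side session only.
function deleteInvoiceSecure(session, body) {
  if (!session) return { status: 401 };
  if (session.role !== "admin") return { status: 403 };
  return { status: invoices.delete(Number(body.invoiceId)) ? 204 : 404 };
}
```

In both hardened functions the decision uses only data the server controls (the session and the stored owner), which is what makes the check enforceable.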