I'd agree with that point in cases where it's less clear, but in this case, it's perfectly clear that the user action would have been harmless if not for the administrator typo. I don't disagree that more protection at the user action level would be nice in this case, that's really different discussion than whether this constitutes a denial of service exposure.
There's a reason that trusted users are called that, because they have the power to shoot themselves, and the entire system. We cannot protect against every possible harmful act by trusted users, whether accidental or malicious. Regards, - Bill Holder On Thu, 17 Sep 2009 10:48:53 -0700, Schuh, Richard <rsc...@visa.com> wrot e: >I don't think you can differentiate between the root cause and the immediate cause when it comes to security and integrity. You may not necessarily be able to detect the root cause, but you must protect the system against the immediate cause if at all possible. > >Regards, >Richard Schuh > >