If the confused deputy is backwards, is that the same as double-negation; thus makes him less confused?
kurt
https://aembit.io/wp-content/uploads/2026/06/the-taxonomy-of-agent-threats.pdf
This taxonomy of agent threats is pretty interesting, but I think they go the confused deputy backwards.
This taxonomy of agent threats is pretty interesting, but I think they go the confused deputy backwards.So - is it always the case that in a confused deputy, the deputy uses its own credentials to access a resource the invoker requests? I guess it's possible it uses one invoker's credential with a different invoker's request, I guess we don't see that as frequently.IMO: it's important to remember that "unintentionally" is also part of the definition.
--
You received this message because you are subscribed to the Google Groups "friam" group.
To unsubscribe from this group and stop receiving emails from it, send an email to friam+un...@googlegroups.com.
To view this discussion visit https://groups.google.com/d/msgid/friam/CAHgd1hEDk3rhMFebxKkfB_5FKmhLbcC0pf%2BogBp8d46Y4YqOVg%40mail.gmail.com.