> And further, why would you only have one mechanism for tenancy enforcement? Networking is a fine boundary, but there should have been a token as well.
Honestly, this bug, and this comment on the recent ChaosDB bug, https://news.ycombinator.com/item?id=29296170, make me think that Azure just doesn't know how to do tenant segregation securely. These types of bugs where some small flaw allow complete takeover of other accounts (or worse, complete takeover of the whole service) are pretty catastrophic.
Yeh, MS seems to be like every other large corp in this case. Too big to handle for one security team. So you end up with, some parts of it that got security down; but all those < V3 services? they seem to be written by 3rd world contractors who code-review via stackoverflow
Honestly, this bug, and this comment on the recent ChaosDB bug, https://news.ycombinator.com/item?id=29296170, make me think that Azure just doesn't know how to do tenant segregation securely. These types of bugs where some small flaw allow complete takeover of other accounts (or worse, complete takeover of the whole service) are pretty catastrophic.