Risk
Overly Permissive Permissions in Experimentation
Description
Users, and the notebooks, training jobs and tools they run, hold admin or root rights in experimentation environments. Anything that compromises such a workload (a malicious dependency, a copied snippet, a bug in a cleanup script) inherits those rights, so a mistake or an attacker can escalate privilege on the host, tamper with other tenants' data and secrets, and move laterally to shared storage and the wider platform.
Example
A researcher runs an experiment as root in a notebook that has the team's shared storage mounted read-write; a cleanup step with a mis-scoped path deletes the shared datasets for every user of the platform, with no permission boundary to stop it.
Assets Affected
AI platform
Notebook
Mitigation
- Principle of least privilege: grant experiment identities only the data, compute and API access the experiment needs
- RBAC: separate researcher, platform-operator and admin roles; no standing admin on notebook hosts
- No-root-by-default: notebook and job containers run as a fixed non-root UID, with privileged mode, privilege escalation and added capabilities denied
- Periodic access reviews: remove stale roles, credentials and write access to shared volumes
- Enforce sandbox policy: admission or launch-time checks reject workloads that violate the above, rather than relying on documentation
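The following is an added example, not code from the source of this risk entry or from any platform it describes. It assumes the experimentation platform launches notebooks as Kubernetes pods and shows a launch-time policy check over two constructed pod manifests: a typical root-by-default notebook with a writable shared mount, and the same workload with the no-root and sandbox settings applied. Manifest names, images and paths are placeholders.

```python
"""Launch-time audit of a notebook pod against a no-root / sandbox policy.

Added example for this risk entry (hypothetical checker, not a product API).
Assumption: notebooks run as Kubernetes pods; manifests are given as dicts.
"""
from typing import Any

# Constructed: a "just make it work" notebook pod, root by default,
# privileged, with the team's shared storage mounted read-write.
WEAK_NOTEBOOK_POD: dict[str, Any] = {
    "metadata": {"name": "researcher-notebook"},
    "spec": {
        "containers": [
            {
                "name": "jupyter",
                "image": "registry.example/notebook:latest",
                "securityContext": {"privileged": True},
                "volumeMounts": [{"name": "shared", "mountPath": "/data"}],
            }
        ],
        "volumes": [{"name": "shared", "hostPath": {"path": "/mnt/shared"}}],
    },
}

# Constructed: the same workload with least-privilege settings applied.
HARDENED_NOTEBOOK_POD: dict[str, Any] = {
    "metadata": {"name": "researcher-notebook"},
    "spec": {
        "securityContext": {"runAsNonRoot": True, "runAsUser": 1000, "fsGroup": 1000},
        "containers": [
            {
                "name": "jupyter",
                "image": "registry.example/notebook:1.2.3",
                "securityContext": {
                    "privileged": False,
                    "allowPrivilegeEscalation": False,
                    "capabilities": {"drop": ["ALL"]},
                    "readOnlyRootFilesystem": True,
                },
                "volumeMounts": [{"name": "shared", "mountPath": "/data", "readOnly": True}],
            }
        ],
        "volumes": [{"name": "shared", "persistentVolumeClaim": {"claimName": "shared-datasets"}}],
    },
}


def _effective(container: dict[str, Any], pod_ctx: dict[str, Any], key: str) -> Any:
    """Container-level securityContext overrides the pod-level one, as Kubernetes does."""
    ctx = container.get("securityContext", {})
    return ctx[key] if key in ctx else pod_ctx.get(key)


def audit_pod(pod: dict[str, Any]) -> list[str]:
    """Return policy violations for the pod; an empty list means it may launch."""
    spec = pod.get("spec", {})
    pod_ctx = spec.get("securityContext", {})
    host_vols = {v["name"] for v in spec.get("volumes", []) if "hostPath" in v}
    findings: list[str] = []
    for c in spec.get("containers", []):
        name = c.get("name", "<unnamed>")
        ctx = c.get("securityContext", {})
        # No-root-by-default: runAsNonRoot must be set, and any explicit UID must not be 0.
        if _effective(c, pod_ctx, "runAsNonRoot") is not True:
            findings.append(f"{name}: runAsNonRoot is not enforced")
        if _effective(c, pod_ctx, "runAsUser") == 0:
            findings.append(f"{name}: runs as UID 0")
        # Sandbox policy: no privileged mode, no privilege escalation, no added capabilities.
        if ctx.get("privileged"):
            findings.append(f"{name}: privileged container")
        if ctx.get("allowPrivilegeEscalation") is not False:
            findings.append(f"{name}: allowPrivilegeEscalation not disabled")
        if ctx.get("capabilities", {}).get("add"):
            findings.append(f"{name}: adds capabilities {ctx['capabilities']['add']}")
        # Shared storage: a writable hostPath mount is how one experiment wipes everyone's data.
        for m in c.get("volumeMounts", []):
            if m["name"] in host_vols and not m.get("readOnly", False):
                findings.append(f"{name}: writable hostPath mount at {m['mountPath']}")
    return findings


if __name__ == "__main__":
    for label, pod in (("weak", WEAK_NOTEBOOK_POD), ("hardened", HARDENED_NOTEBOOK_POD)):
        print(label, audit_pod(pod) or "OK")
```

Run as an admission check (or a pre-launch hook in the notebook spawner), the weak manifest is rejected on four counts while the hardened one launches. The check enforces the mitigation rather than documenting it: a researcher who needs root for a one-off task has to request a separately reviewed profile instead of editing the pod spec.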
Standards Mapping
- ISO 42001: A.3.2, A.4.6
- NIST AI RMF: GOVERN 2.1, 3.2, MEASURE 2.7
- DASF v2: RAW DATA 1.1, PLATFORM 12.4