Modern privileged method pattern with inheritable protected state
Privileged Access Manager API client for Node.js
Model Context Protocol (MCP) server for Firefox DevTools automation (moz build with privileged context support)
MCP server providing AI agents with scoped access to Microsoft Entra PIM (Privileged Identity Management)
This piece provides integration with CyberArk PTA (Privileged Threat Analytics) for authentication and monitoring.
keynv command-line interface — AI-safe secrets management with alias-based references and a privileged subprocess wrapper.
Generate least privileged IAM policies by analysing application code.
SignalK plugin: RuuviTag environmental data via BlueZ over DBus. Drop-in replacement for signalk-ruuvitag-plugin without noble, raw HCI sockets, setcap, or privileged Docker.
Official SDK to perform privileged operations on your Kobble app.
No description provided.
A privileged helper tool for kt connect
Secrets allow you to securely define secret or privileged values that can be accessed in your running code as properties of the event.secrets object.
Quick Linux Meteor Deployments as a non-privileged user (eg. ubuntu)
Mozilla Add-ons Linter
Privileged server package for NotifyHub.
Privileged server-side access for Flare. Designed for secure environments to perform administrative tasks, manage user identities at scale, and orchestrate system-wide notifications with full bypass of client-side security rules.
Capability-token broker for irreversible agent actions (cf api, supabase admin, npm publish, git push, gh pr merge). Issues short-lived signed tokens and records every privileged execution to an append-only ledger.
Install Linux systemd node services, optionally requiring capabilities such as `CAP_NET_BIND_SERVICE` (which allows listening to privileged ports such as port 80 for http).
Behavioural confirmation engine. Gates privileged actions behind sustained, steady intent.
Behavioural confirmation engine. Gates privileged actions behind sustained, steady intent.
Run any script with privileged permissions, prompting the user with a graphical OS dialog if necessary
Dependency-free hardware bill of materials discovery library.
Add internal staff notes and assignees to topics in NodeBB. Notes are only visible to privileged users (moderators/admins).
OpenClaw-native privileged execution broker plugin with a root-owned broker daemon.
Safe Rust wrapper around Windows process token privilege and elevation detection APIs
Quick and simple access to the current privilege level of the CPU
Drop privileges on Windows
Advanced privilege escalation system with multi-level security and compliance features
A Rust crate for privilege request UI using eframe
Walled is a dependency-free crate designed to provide programmatic access to information about network port usage on Linux systems.
A simple crate to drop privileges
Async SSH CLI scraper library for network device automation
Portable atomic types including support for 128-bit atomics, atomic float, etc.
PostgreSQL management library for the LMRC Stack - comprehensive library for managing PostgreSQL installations on remote servers via SSH
Cross-platform library for administrative permission handling.
Discover platform privileges
Simple, explicit permissions/authorization
"vagrant plugin to provision VM with ansible in local mode"
## Overview Privileged Access Manager (PAM) is a Google Cloud native, managed solution to secure, manage and audit privileged access while ensuring operational velocity and developer productivity. PAM enables just-in-time, time-bound, approval-based access elevations, and auditing of privileged access elevations and activity. PAM lets you define the rules of who can request access, what they can request access to, and if they should be granted access with or without approvals based on the sensitivity of the access and emergency of the situation. ## Concepts ### Entitlement An entitlement is an eligibility or license that allows specified users (requesters) to request and obtain access to specified resources subject to a set of conditions such as duration, etc. entitlements can be granted to both human and non-human principals. ### Grant A grant is an instance of active usage against the entitlement. A user can place a request for a grant against an entitlement. The request may be forwarded to an approver for their decision. Once approved, the grant is activated, ultimately giving the user access (roles/permissions) on a resource per the criteria specified in entitlement. ### How does PAM work PAM creates and uses a service agent (Google-managed service account) to perform the required IAM policy changes for granting access at a specific resource/access scope. The service agent requires getIAMPolicy and setIAMPolicy permissions at the appropriate (or higher) access scope - Organization/Folder/Project to make policy changes on the resources listed in PAM entitlements. When enabling PAM for a resource scope, the user/ principal performing that action should have the appropriate permissions at that resource scope (resourcemanager.{projects|folders|organizations}.setIamPolicy, resourcemanager.{projects|folders|organizations}.getIamPolicy, and resourcemanager.{projects|folders|organizations}.get) to list and grant the service agent/account the required access to perform IAM policy changes.
## Overview Privileged Access Manager (PAM) is a Google Cloud native, managed solution to secure, manage and audit privileged access while ensuring operational velocity and developer productivity. PAM enables just-in-time, time-bound, approval-based access elevations, and auditing of privileged access elevations and activity. PAM lets you define the rules of who can request access, what they can request access to, and if they should be granted access with or without approvals based on the sensitivity of the access and emergency of the situation. ## Concepts ### Entitlement An entitlement is an eligibility or license that allows specified users (requesters) to request and obtain access to specified resources subject to a set of conditions such as duration, etc. entitlements can be granted to both human and non-human principals. ### Grant A grant is an instance of active usage against the entitlement. A user can place a request for a grant against an entitlement. The request may be forwarded to an approver for their decision. Once approved, the grant is activated, ultimately giving the user access (roles/permissions) on a resource per the criteria specified in entitlement. ### How does PAM work PAM creates and uses a service agent (Google-managed service account) to perform the required IAM policy changes for granting access at a specific resource/access scope. The service agent requires getIAMPolicy and setIAMPolicy permissions at the appropriate (or higher) access scope - Organization/Folder/Project to make policy changes on the resources listed in PAM entitlements. When enabling PAM for a resource scope, the user/ principal performing that action should have the appropriate permissions at that resource scope (resourcemanager.{projects|folders|organizations}.setIamPolicy, resourcemanager.{projects|folders|organizations}.getIamPolicy, and resourcemanager.{projects|folders|organizations}.get) to list and grant the service agent/account the required access to perform IAM policy changes. Note that google-cloud-privileged_access_manager-v1 is a version-specific client library. For most uses, we recommend installing the main client library google-cloud-privileged_access_manager instead. See the readme for more details.
Allows multiple environments in database.yml, and dynamically switching them.
Allows multiple environments in database.yml, and dynamically switching them.
Simple Rails plugin to restrict system access to authorized users.
Give Ruby objects superuser privileges. Based on dRuby and sudo (the Unix program).
A model based on Rails controller actions to make user privileges and feature toggle simpler
The Service Account Credentials API creates short-lived credentials for Identity and Access Management (IAM) service accounts. You can also use this API to sign JSON Web Tokens (JWTs), as well as blobs of binary data that contain other types of tokens. Note that google-iam-credentials-v1 is a version-specific client library. For most uses, we recommend installing the main client library google-iam-credentials instead. See the readme for more details.
A Ruby rewrite of Tom Rune Flo's Ninja, a privilege escalation monitor.
Kankri is a library for quickly setting up basic authentication with object-action privileges. It's intended to be used in projects which need a simple auth system with no run-time requirements and little set-up. It isn't intended for mission critical security.
No description provided.
No description provided.
No description provided.
No description provided.
No description provided.
No description provided.
No description provided.
No description provided.
No description provided.
No description provided.
No description provided.
No description provided.