Samuel Roach

12/07/2022, 11:45 AM
Hey, I recently raised an issue about about running osquery as a SYSTEM process, and not being able to view files with privileges removed ( I have also provided a suggested fix, although was wondering if there was a specific reason for not using SeBackupPrivilege previously to read files and registries?

Mike Myers

12/07/2022, 4:09 PM
I've left a comment on the issue. I think the answer to your question is, no there is no reason not to do what you suggest

Samuel Roach

12/07/2022, 4:38 PM
Thanks, I appreciate the response :)