manyfold
MAF-005: First-user auto-admin flow poses security risks
The first user to authenticate automatically receives administrator privileges.
Upon a fresh installation, the first user who successfully authenticates using normal login is automatically granted full administrative privileges.
Impact:
- Unauthorized users could obtain administrator-level access to the system. The issue is rated Low because administrators are expected to read the documentation and review the application before running it, but this default still expands the attack surface unnecessarily.
- Sensitive data and functionality may be exposed to malicious actors.
- The integrity of the platform's security controls could be compromised.
Recommendation:
- Establish secure procedures for initializing administrative accounts during setup. For instance, generate a random administrative account and password during setup and show this in the console when running the application for the first time, after which the user can create their own admin account.
- Provide clear documentation and guidance on securely configuring the auto-admin flow.
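As an added illustration of the recommendation above (example code, not Manyfold's own), the weak first-user-becomes-admin flow is shown beside a bootstrap flow that seeds a random administrative account on first run and prints the credentials once; the in-memory `UserStore` and all function names are assumptions standing in for the application's database and setup code.

```ruby
require "securerandom"
require "openssl"
# Constructed in-memory user store standing in for the app's database (an
# assumption, not Manyfold's code). Passwords are salted PBKDF2-HMAC-SHA256 hashes.
class UserStore
  User = Struct.new(:name, :salt, :digest, :admin, :must_change_password)
  attr_reader :users
  def initialize
    @users = {}
  end
  def add(name, password, admin:, must_change_password: false)
    raise ArgumentError, "user exists: #{name}" if @users.key?(name)
    salt = SecureRandom.random_bytes(16)
    @users[name] = User.new(name, salt, hash_password(password, salt), admin, must_change_password)
  end

  # Byte-wise OR of XORs gives a constant-time comparison of equal-length digests.
  def verify(name, password)
    user = @users[name]
    return false unless user
    candidate = hash_password(password, user.salt)
    candidate.bytes.zip(user.digest.bytes).inject(0) { |acc, (a, b)| acc | (a ^ b) }.zero?
  end

  private
  def hash_password(password, salt)
    OpenSSL::KDF.pbkdf2_hmac(password, salt: salt, iterations: 100_000, length: 32, hash: "sha256")
  end
end

# Weak flow from the finding: the first account created on an empty user table
# becomes an administrator purely by being first.
def register_first_user_auto_admin(store, name, password)
  store.add(name, password, admin: store.users.empty?)
end

# Recommended flow: setup seeds a random admin, prints the credentials to the console
# once, and flags a mandatory password change. Returns the password, or nil if setup already ran.
def bootstrap_admin(store, out: $stdout)
  return nil unless store.users.empty?
  password = SecureRandom.urlsafe_base64(18)
  store.add("admin", password, admin: true, must_change_password: true)
  out.puts "First run: initial admin credentials admin / #{password} (change on first login)"
  password
end
# Ordinary registration never grants admin, regardless of table state.
def register_user(store, name, password)
  store.add(name, password, admin: false)
end
```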
I'm going to come back to this, as there's other work to do around the first-setup flow and I want to think about it all at once.