Has anyone run into the requirement to restrict the addition of all resources to a target or filter based on a security role with restriced access? The concern raised is that if a worker is able to schedule a task or policy with a target that contains a filter with a query to define more computers than you are permitted to see. Another concern is that if a worker is able to schedule a task or policy with a target with no rules defined, this would include all computers. Scary thought!! Any help on this would be greatly appreciated.
Thanks