What is the principle of least privilege?
The principle of least privilege (PoLP; also known as the principle of least authority) is an important concept in computer security, promoting minimal user profile privileges on computers, based on users' job necessities. It can also be applied to processes on the computer; each system component or process should have the least authority necessary to perform its duties. This helps reduce the "attack surface" of the computer by eliminating unnecessary privileges that can result in network exploits and computer compromises. You can apply this principle to the computers you work on by normally operating without administrative rights.
- For information about gaining administrative privilege on a Windows
computer, see In Windows, how can I run an administrator task from a non-admin account?
- On Unix and Mac OS X computers, if you need
administrative access, you can use the
sudoorsucommand; see In Unix, what are the sudo and su commands?
Also see:
- At IU, in Windows 2000, XP, or Vista, how do I give myself or other users login privileges on my computer?
- Where can I find information about Unix workstation security?
- Best practices for computer security
- In Windows, why should I avoid running my computer as an administrator?
This is document amsv in domain all.
Last modified on June 25, 2008.
Last modified on June 25, 2008.
Please tell us, did you find the answer to your question?
