- **Epistemic status:** #budding The principle of least privilege is that every module such as a user, [[Computer Program]], process, etc. must operate with the minimum amount of permissions that allow them to access the information they need. The principle dates back to the early 1970: > Every program and every privileged user of the system should operate using the least amount of privilege necessary to complete the job. (Jerome Saltzer, Communications of the ACM, 1974) The benefits of the principle include: - **Better system stability**. When the module has a limited scope of changes that it can make to a system, it makes it easier to test its possible actions and interactions with other modules. - **Better system security**. Because the module is limited in scope, vulnerabilities in one module cannot exploit the rest of the machine, just the parts that specific module can access. - **Ease of deployment.** The fewer permissions a module requires, the easier it is to deploy to a larger environment. --- ## References - “Principle of Least Privilege.” In _Wikipedia_, September 21, 2022. <https://en.wikipedia.org/w/index.php?title=Principle_of_least_privilege&oldid=1111531989>. - Thomas, David, and Andrew Hunt. _The Pragmatic Programmer, 20th Anniversary Edition: Journey to Mastery_. Second edition. Boston: Addison-Wesley, 2019.