Differences

This shows you the differences between two versions of the page.

--- principles:principle_of_least_privilege [2017-11-19 21:41] – PoLP: structure christian
+++ principles:principle_of_least_privilege [2020-10-12 16:29] – old revision restored (2017-10-26 14:19) 159.69.186.191
@@ Line 1: / Line 1: @@
 ====== Principle Of Least Privilege ======
+The original formulation is the following: every program and every privileged user of the system should operate using the least amount of privilege necessary to complete the job. From Jerome H. Saltzer in 1974.
 ===== Variants and Alternative Names =====
@@ Line 7: / Line 9: @@
 ===== Context =====
-  * [[contexts:Security]]
+  * [[contexts:]]
 ===== Principle Statement =====
-Every program and every privileged user of the system should operate using the least amount of privilege necessary to complete the job.
+In a particular abstraction layer of a computing environment, every module (such as a process, a user, or a program, depending on the subject) must be able to access only the information and resources that are necessary for its legitimate purpose.
 ===== Description =====
-In a particular abstraction layer of a computing environment, every module (such as a process, a user, or a program, depending on the subject) must be able to access only the information and resources that are necessary for its legitimate purpose.
 ===== Rationale =====
@@ Line 32: / Line 32: @@
 ===== Origin =====
-From Jerome H. Saltzer in 1974.
 ===== Evidence =====
@@ Line 39: / Line 38: @@
 /*  * [[wiki:Proposed]]*/
 /*  * [[wiki:Examined]]*/
+/*  * [[wiki:Accepted]]*/
-  * [[wiki:Accepted]]
 /*  * [[wiki:Questioned]]*/