This is an old revision of the document!

Principle Of Least Privilege

The original formulation is the following: every program and every privileged user of the system should operate using the least amount of privilege necessary to complete the job. From Jerome H. Saltzer in 1974.

Variants and Alternative Names

principle of minimal privilege
principle of least authority

Context

contexts

Principle Statement

In a particular abstraction layer of a computing environment, every module (such as a process, a user, or a program, depending on the subject) must be able to access only the information and resources that are necessary for its legitimate purpose.

Description

Rationale

Strategies

Caveats

See section contrary principles.

Origin

Evidence

Relations to Other Principles

Generalizations

Specializations

Contrary Principles

Complementary Principles

Principle Collections

Examples

Example1:

Description Status

Stub

Discussion

Discuss this wiki article and the principle on the corresponding talk page.

Principles Wiki

Sidebar

Contents

Meta

Table of Contents

Principle Of Least Privilege

Variants and Alternative Names

Context

Principle Statement

Description

Rationale

Strategies

Caveats

Origin

Evidence

Relations to Other Principles

Generalizations

Specializations

Contrary Principles

Complementary Principles

Principle Collections

Examples

Example1:

Description Status

Further Reading

Discussion

Principles Wiki

User Tools

Site Tools

Sidebar

Contents

Meta

Table of Contents

Principle Of Least Privilege

Variants and Alternative Names

Context

Principle Statement

Description

Rationale

Strategies

Caveats

Origin

Evidence

Relations to Other Principles

Generalizations

Specializations

Contrary Principles

Complementary Principles

Principle Collections

Examples

Example1:

Description Status

Further Reading

Discussion

Page Tools