What is the principle of least privilege?
Answer
The principle of least privilege (PoLP) states that every user, process, and system component should have only the minimum permissions necessary to perform its legitimate function — no more, no less.

Why it matters: if an account or process is compromised, the attacker's capabilities are limited to only what that account was authorized to do.

Applications:
(1) User accounts: regular users don't need admin rights.
(2) Service accounts: a web app's database account should only have SELECT/INSERT/UPDATE on required tables — not DROP or admin privileges.
(3) Cloud IAM: granular resource-level permissions.
(4) Network access: servers should only communicate on required ports.
(5) Code execution: run web servers as non-root users.

Regularly audit and revoke unused permissions. This is fundamental to Zero Trust security.