Talk:Principle of least privilege

From Wikipedia, the free encyclopedia

widely recognized

I don't see why POLP is used... are there benefits other than widely recognized?

What benefits are widely recognized?

Note least privilege can neither be determined nor enforced. Some have proposed a more realistic objective of principle of 'small' privilege, but there is little chance of defining 'small' in a useful way.
This is used as a non-specific attempt to reduce the scope of things a process can do in blind hope of eliminating its ability to do something essential to disruptive behavior. This is used as an auxiliary measure to make penetration more difficult. It cannot absolutely guarantee prevention of anything.
Unfortunately, because of problems enforcing this principle, it is not very effective. It is often used as a buzzword when good security is viewed as too hard. John (talk) 05:42, 17 November 2007 (UTC)

I don't really understand why

I can see why there needs to be some kind of hierarchy when users are working within an organization, as far as they need only the privileges/accesses necessary to perform their jobs. However, I think there needs to be a different kind of approach to this problem... flat out "denying access" to certain apps within a program often leads to frustration... because the procedures and permissions associated with that person's security access are often just "assumed" by the person delegating the access. It seems a bit abstract and arbitrary.