The Vulnerability History Project

Lesson: Least Privilege

Is this an example of the **Principle of Least Privilege**? The Principle of Least Privilege is a concept in cybersecurity that you should never give more permissions to something than it needs. You might be tempted to simplify your life by just giving the "keys to the kingdom" to maybe a service or another person, but this can cause problems down the road when either you get exploited or you need to lock down the system after deployment. In this context, **permissions** can mean many things, ranging from file system permissions, system-level permissions, or context-specific permissions.


Beware of complex inputs

Don't just think about code complexity, think about *input* complexity.