Least privilege

From Sysadmin


The principle of least privilege states that users and systems should only have the privileges they need to achieve their tasks and no more.

Database

One important area here is database access. MySQL has a rich set of ACLs. There is a temptation to grant all privileges to a database user (or just use the standard MySQL superuser root) because it is easy. In reality, non-administrative access to a database requires very few privileges. Using limited privileges can prevent accidental damage to the database you are accessing and to other databases, and can contain an intruder who has broken into an application connected to the database.
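
The following is an added example, not part of the original page, showing the over-broad grant next to least-privilege grants in MySQL. The schema `shop`, its tables, the account names, the host 10.0.0.5 and the password placeholder are all assumptions made for illustration.

```sql
-- Constructed example: schema `shop`, tables `orders` and `products` (assumed
-- to exist already), account names and host 10.0.0.5 are assumptions.
-- 'CHANGE_ME' is a placeholder for a real secret.

-- Tempting but over-privileged: full rights on every database, from any
-- host, plus the ability to pass those rights on to other accounts.
--   GRANT ALL PRIVILEGES ON *.* TO 'shop_app'@'%' WITH GRANT OPTION;

-- Least privilege: the application account can connect only from the
-- application server and can only read and write rows in its own schema.
CREATE USER 'shop_app'@'10.0.0.5' IDENTIFIED BY 'CHANGE_ME';
GRANT SELECT, INSERT, UPDATE, DELETE ON shop.* TO 'shop_app'@'10.0.0.5';

-- Reporting only reads two tables, so grant at table level.
CREATE USER 'shop_report'@'10.0.0.5' IDENTIFIED BY 'CHANGE_ME';
GRANT SELECT ON shop.orders   TO 'shop_report'@'10.0.0.5';
GRANT SELECT ON shop.products TO 'shop_report'@'10.0.0.5';

-- Schema changes run under a separate account used only for deployments,
-- so a compromised application cannot ALTER or DROP tables.
CREATE USER 'shop_migrate'@'localhost' IDENTIFIED BY 'CHANGE_ME';
GRANT CREATE, ALTER, INDEX, DROP ON shop.* TO 'shop_migrate'@'localhost';

-- Verify what each account actually holds.
SHOW GRANTS FOR 'shop_app'@'10.0.0.5';
SHOW GRANTS FOR 'shop_report'@'10.0.0.5';

-- Audit: accounts holding any global (*.*) privilege. Application
-- accounts should not appear in this result.
SELECT GRANTEE, PRIVILEGE_TYPE, IS_GRANTABLE
FROM information_schema.USER_PRIVILEGES
WHERE PRIVILEGE_TYPE <> 'USAGE'
ORDER BY GRANTEE, PRIVILEGE_TYPE;

-- Repairing an existing over-privileged account (hypothetical 'legacy_app'):
-- strip everything first, then grant back only what the application uses.
REVOKE ALL PRIVILEGES, GRANT OPTION FROM 'legacy_app'@'%';
GRANT SELECT, INSERT, UPDATE, DELETE ON shop.* TO 'legacy_app'@'%';
```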

System

Root access should only be used on Unix when necessary. The command sudo is ideal for sysadmins to execute commands as root as required. Using sudo properly reduces the chance of the sysadmin accidentally damaging a system and potentially causing an outage.
