Vol. 1 · Ed. 2026
CyberGlossary
Entry № 959

Principle of Least Privilege

Reviewed by: Cybersecurity entrepreneur & security researcher

What is Principle of Least Privilege?

Principle of Least Privilege: A security principle that grants every user, process, or service only the minimum privileges strictly required to perform its function — no more.


The Principle of Least Privilege (PoLP), first articulated by Saltzer and Schroeder in 1975, states that each subject should operate with the smallest set of permissions necessary for its task. Applied consistently, it limits blast radius: a compromised account, container, or service can damage only the narrow scope it had access to. PoLP shapes IAM design (granular roles, scoped tokens), system hardening (drop Linux capabilities, run as non-root), software architecture (privilege separation, sandboxing), and zero-trust strategies. Practical enforcement relies on RBAC/ABAC, just-in-time elevation, regular access reviews, and removal of unused permissions revealed by entitlement analytics.

Examples

  1. A microservice using a database role that can only read the rows it needs, not the whole schema.

  2. A developer requesting time-bound admin rights via JIT access instead of holding them permanently.
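The definition above lists the enforcement mechanisms (scoped roles, just-in-time elevation, access reviews driven by entitlement analytics), and the two examples show a narrowly scoped service role and a time-bound admin grant. The following Python script is an added illustration of those mechanisms, not code from the glossary or from any project it describes: the roles, principals and audit-log events are constructed, and the `"resource:action"` permission format is an assumption chosen for the example. It models a default-deny permission check, a JIT grant that silently expires, and an entitlement review that reports permissions held but never exercised within a review window.

```python
from dataclasses import dataclass, field
from datetime import datetime, timedelta, timezone

# Fixed reference clock so the example is deterministic (constructed value).
NOW = datetime(2026, 1, 15, 12, 0, tzinfo=timezone.utc)


def at(days: int = 0, minutes: int = 0) -> datetime:
    """Return a timestamp offset from NOW (helper for constructed data)."""
    return NOW + timedelta(days=days, minutes=minutes)


# Hypothetical roles; each maps to a set of "resource:action" permissions.
# The reader role is the narrow scope a service should hold permanently.
ROLES: dict[str, frozenset[str]] = {
    "orders-reader": frozenset({"orders:read"}),
    "orders-admin": frozenset(
        {"orders:read", "orders:write", "orders:delete", "schema:alter"}
    ),
}


@dataclass
class JitGrant:
    """A time-bound role elevation; ignored once expires_at has passed."""
    role: str
    expires_at: datetime


@dataclass
class Principal:
    name: str
    roles: set[str] = field(default_factory=set)  # standing (permanent) roles
    jit_grants: list[JitGrant] = field(default_factory=list)


def effective_permissions(p: Principal, now: datetime = NOW) -> set[str]:
    """Union of standing roles plus any JIT grants still valid at `now`."""
    perms: set[str] = set()
    for role in p.roles:
        perms |= ROLES.get(role, frozenset())
    for g in p.jit_grants:
        if now < g.expires_at:  # expired grants contribute nothing
            perms |= ROLES.get(g.role, frozenset())
    return perms


def is_allowed(p: Principal, perm: str, now: datetime = NOW) -> bool:
    """Default-deny check: a permission is allowed only if explicitly held."""
    return perm in effective_permissions(p, now)


def grant_jit(p: Principal, role: str, minutes: int, now: datetime = NOW) -> JitGrant:
    """Elevate `p` into `role` for a bounded window instead of permanently."""
    if role not in ROLES:
        raise ValueError(f"unknown role: {role}")
    g = JitGrant(role=role, expires_at=now + timedelta(minutes=minutes))
    p.jit_grants.append(g)
    return g


@dataclass
class AccessEvent:
    """One exercised permission (constructed audit-log record)."""
    ts: datetime
    principal: str
    perm: str


# Constructed audit log: bob holds orders-admin but has only used read recently.
ACCESS_LOG = [
    AccessEvent(at(days=-1), "bob", "orders:read"),
    AccessEvent(at(days=-200), "bob", "orders:write"),  # outside the review window
    AccessEvent(at(days=-3), "orders-svc", "orders:read"),
]


def unused_permissions(p: Principal, log: list[AccessEvent],
                       now: datetime = NOW, window_days: int = 90) -> set[str]:
    """Entitlement review: permissions held at `now` but not exercised in the window."""
    cutoff = now - timedelta(days=window_days)
    used = {e.perm for e in log if e.principal == p.name and e.ts >= cutoff}
    return effective_permissions(p, now) - used


if __name__ == "__main__":
    svc = Principal("orders-svc", {"orders-reader"})
    print("service may alter schema:", is_allowed(svc, "schema:alter"))
    alice = Principal("alice", {"orders-reader"})
    grant_jit(alice, "orders-admin", minutes=30)
    print("alice may delete at +10m:", is_allowed(alice, "orders:delete", at(minutes=10)))
    print("alice may delete at +31m:", is_allowed(alice, "orders:delete", at(minutes=31)))
    bob = Principal("bob", {"orders-admin"})
    print("bob's unused permissions:", sorted(unused_permissions(bob, ACCESS_LOG)))
```

The check is deliberately default-deny: anything not granted by a live role is refused, so a missing grant fails closed rather than open. The review function is the piece that turns "regular access reviews" into something mechanical; in practice its output (here, bob's `orders:write`, `orders:delete` and `schema:alter`) is the candidate list for removal, with the window length tuned to how often a role is legitimately exercised.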

Frequently asked questions

What is Principle of Least Privilege?

A security principle that grants every user, process, or service only the minimum privileges strictly required to perform its function — no more. It belongs to the Identity & Access category of cybersecurity.

What does Principle of Least Privilege mean?

A security principle that grants every user, process, or service only the minimum privileges strictly required to perform its function — no more.

How is the Principle of Least Privilege enforced in practice?

Enforcing the Principle of Least Privilege typically combines technical controls and operational practices, as detailed in the full definition above.

What are other names for Principle of Least Privilege?

Common alternative names include: Least privilege, Need-to-know basis.
