Quick blurbs about my daily struggle with technology. You'll likely to find ramblings about Linux, Java, home networks and Cloud computing.
Search This Blog
Saturday, May 1, 2010
Release It! - Chapter 12.1 The Principle of Least Privilege
The principle of “least privilege” mandates that a process should have the lowest level of privilege needed to accomplish its task -- which usually means running as a non-admin user. Using privileged accounts gives crackers a place to attack your systems. To further contain vulnerabilities, each major application should have its own user, such as "tomcat" for an Apache Tomcat process.