Principle 4:Least privilege Only the minimum access necessary to perform an operation should be granted,and that access should be granted only for the minimum amount of time necessary. Example:you go vacation,ask a friend to pick up mail Example:U.S.government--the policy of "need to know." Counterexample:famous violations of least privilege exist in UNIX systems (--needs root privilege for running a service on a port number less than 1024) Some e-mail servers is that they don't give up their root permissions once they have grabbed the mail port(Sendmail is a classic example). Counterexample:device drivers having to run in kernel mode Counterexample:Several calls in the Windows API for accessing objects that grant all access if you pass "O"as an argument. -Programmers are lazy. -CSE825 9CSE825 9 Principle 4: Least privilege Only the minimum access necessary to perform an operation should be granted, and that access should be granted only for the minimum amount of time necessary. Example: you go vacation, ask a friend to pick up mail Example: U.S. government -- the policy of “need to know.” Counterexample: famous violations of least privilege exist in UNIX systems (-- needs root privilege for running a service on a port number less than 1024) ─ Some e-mail servers is that they don't give up their root permissions once they have grabbed the mail port (Sendmail is a classic example). Counterexample: device drivers having to run in kernel mode Counterexample: Several calls in the Windows API for accessing objects that grant all access if you pass "0" as an argument. ─ Programmers are lazy