|
|
|
|
|
|
by IggleSniggle
722 days ago
|
|
|
The problem with the principle of least privilege is that you don't know how much privilege you need until you need it. And once you need it, you need to define a scope for it. If you wish to bake an apple pie from scratch, you must first invent the universe. But are you done with the universe once the apple pie is baked, or does it still need to be eaten, digested, and excreted? Are you done then? And what specific portions of the universe did you need in order to accomplish this goal? You're not sure? I'll see you in a few years when you're done with the research. Sorry to be so cynical, as I do actually believe the principle of least privilege is an appropriate goal; I just think that there's no getting around that the engineers themselves are the ones who really must uphold this virtue, and even then, it can go overboard. At some point, the software should do something. |
|
|