Privilege Bracketing
In computer security, privilege bracketing is a temporary increase in software privilege within a process to perform a specific function, assuming those necessary privileges at the last possible moment and dismissing them as soon as no longer strictly necessary, therefore ostensibly avoiding fallout from erroneous code that unintentionally exploits more privilege than is merited. It is an example of the use of principle of least privilege in defensive programming. It should be distinguished from privilege separation, which is a much more effective security measure that separates the privileged parts of the system from its unprivileged parts by putting them into different processes, as opposed to switching between them within a single process. An known example of privilege bracketing is in Debian/Ubuntu: using the 'sudo' tool to temporarily acquire 'root' privileges to perform an administrative command. A Microsoft Powershell equivalent is "Just In Time, Just Enough Admin". See al ... [...More Info...]       [...Related Items...]     OR:     [Wikipedia]   [Google]   [Baidu]   |
|
Privilege (computing)
In computing, privilege is defined as the delegation of authority to perform security-relevant functions on a computer system. A privilege allows a user to perform an action with security consequences. Examples of various privileges include the ability to create a new user, install software, or change kernel functions. Users who have been delegated extra levels of control are called privileged. Users who lack most privileges are defined as unprivileged, regular, or normal users. Theory Privileges can either be automatic, granted, or applied for. An automatic privilege exists when there is no requirement to have permission to perform an action. For example, on systems where people are required to log into a system to use it, logging out will not require a privilege. Systems that do not implement file protection - such as MS-DOS - essentially give unlimited privilege to perform any action on a file. A granted privilege exists as a result of presenting some credential to the ... [...More Info...]       [...Related Items...]     OR:     [Wikipedia]   [Google]   [Baidu]   |
|
Principle Of Least Privilege
In information security, computer science, and other fields, the principle of least privilege (PoLP), also known as the principle of minimal privilege (PoMP) or the principle of least authority (PoLA), requires that in a particular abstraction layer of a computing environment, every module (such as a process, a user, or a program, depending on the subject) must be able to access only the information and resources that are necessary for its legitimate purpose. Details The principle means giving a user account or process only those privileges which are essential to perform its intended function. For example, a user account for the sole purpose of creating backups does not need to install software: hence, it has rights only to run backup and backup-related applications. Any other privileges, such as installing new software, are blocked. The principle applies also to a personal computer user who usually does work in a normal user account, and opens a privileged, password protected ... [...More Info...]       [...Related Items...]     OR:     [Wikipedia]   [Google]   [Baidu]   |
|
Defensive Programming
Defensive programming is a form of defensive design intended to develop programs that are capable of detecting potential security abnormalities and make predetermined responses. It ensures the continuing function of a piece of software under unforeseen circumstances. Defensive programming practices are often used where high availability, safety, or security is needed. Defensive programming is an approach to improve software and source code, in terms of: * General quality – reducing the number of software bugs and problems. * Making the source code comprehensible – the source code should be readable and understandable so it is approved in a code audit. * Making the software behave in a predictable manner despite unexpected inputs or user actions. Overly defensive programming, however, may safeguard against errors that will never be encountered, thus incurring run-time and maintenance costs. There is also a risk that code traps prevent too many exceptions, potentially resulti ... [...More Info...]       [...Related Items...]     OR:     [Wikipedia]   [Google]   [Baidu]   |
|
Privilege Separation
In computer programming and computer security, privilege separation is one software-based technique for implementing the principle of least privilege. With privilege separation, a program is divided into parts which are limited to the specific privileges they require in order to perform a specific task. This is used to mitigate the potential damage of a computer security vulnerability. A common method to implement privilege separation is to have a computer program fork into two processes. The main program drops privileges, and the smaller program keeps privileges in order to perform a certain task. The two halves then communicate via a socket pair. Thus, any successful attack against the larger program will gain minimal access, even though the pair of programs will be capable of performing privileged operations. Privilege separation is traditionally accomplished by distinguishing a ''real'' user ID/ group ID from the ''effective'' user ID/group ID, using the setuid(2)/setgid(2 ... [...More Info...]       [...Related Items...]     OR:     [Wikipedia]   [Google]   [Baidu]   |
|
Privilege Revocation (computing)
{{inline, date=December 2008 Privilege revocation is the act of an entity giving up some, or all of, the privileges they possess, or some authority taking those (privileged) rights away. Information theory Honoring the Principle of least privilege at a granularity provided by the base system such as sandboxing of (to that point successful) attacks to an unprivileged user account helps in reliability of computing services provided by the system. As the chances of restarting such a process are better, and other services on the same machine aren't affected (or at least probably not as much as in the alternative case: i.e. a privileged process gone haywire instead). Computer security In computing security ''privilege revocation'' is a measure taken by a program to protect the system against misuse of itself. Privilege revocation is a variant of privilege separation whereby the program terminates the privileged part immediately after it has served its purpose. If a program doesn' ... [...More Info...]       [...Related Items...]     OR:     [Wikipedia]   [Google]   [Baidu]   |