Follow the Principle of Least Privilege
The principle of least privilege (PLP) will help us design better security throughout the application.
In PLP, every abstraction layer in an applicationâprogram, user, processâhas access only to the information and resources that it needs to complete its task. If the application layer canât access privileged resources, then it canât be abused to give attackers access to those resources. PLP limits damages in case of a breach.
A common example of PLP can be seen in the operating systems; as a user, you have a regular account for working with installed applications. When you want to do something that requires higher privileges, such as installing an application, you see a prompt asking for higher ...
Get Secure Your Node.js Web Application now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
