Least privilege won’t solve every security problem, but it’s a significant step

February 13, 2008 by Shanmuga  
Filed under Security

"First and foremost, least privilege models prevent 90 percent or more of today’s malware. You can’t ignore that statistic. Malware writers may easily code around least privilege when they need to, but it does significantly cut down on software that can cause harm today. Second, least privilege mechanisms make it harder for malware to modify key system components. While malware may be able to still do harm — much harm — with user-mode programming alone, not being able to semi-permanently modify the operating system does provide protection you would not have otherwise.

This makes it more difficult for malware to hide from anti-malware software and forensic investigators. Malware with system access can install itself as a rootkit, more easily hide in memory, or perform myriad other obfuscation techniques that make it more difficult for the good guys.

Third, if your end-users don’t have administrative access to their machines, you can prevent them from installing unapproved software. Since the vast majority of today’s malware relies upon the end-user installing or clicking on something they shouldn’t, as well as having admin or root access, not having it will prevent attacks."

- Content courtesy of Computer security: Why have least privilege? | InfoWorld | Column | 2008-02-08 | By Roger A. Grimes
