Every program and every privileged user of the system should operate using the least amount of privilege necessary to complete the job.
In a particular abstraction layer of a computing environment, every module (such as a process, a user, or a program, depending on the subject) must be able to access only the information and resources that are necessary for its legitimate purpose.
See section contrary principles.
From Jerome H. Saltzer in 1974.
Discuss this wiki article and the principle on the corresponding talk page.