INVITATION TO CYBERSECURITY 226

need—another violation of this principle. For example, if an unusual circumstance arises and a non-IT employee needs access to the server room, one option would be to just give him a key to the room and assume that he will return it later. A better option would be to escort him to the room, unlock the door, and wait while he completes his task. The second option reduces the time during which he has access to the bare minimum.

In multi-level security systems, where people handle classified information, least privilege is implemented as need-to-know (see Chapter 8), which limits the exposure of classified information.

Least privilege is also implemented on Linux systems with the sudo command. Sudo is short for “substitute user, do”; it allows a user to run a command as another user, and by default it runs the command as the root user. Figure 9.4 shows Bob trying to view a sensitive file for which he does not have read permission; he receives a “Permission denied” error. Bob then runs the same command with sudo and is able to view the contents of the file. The screenshot also shows that Bob is re-authenticated at the point where he requests access to the file: he must type in his password as an extra security precaution. Used this way, sudo temporarily escalates a user’s permissions for a single command, in line with the principle of least privilege. Whether it is genuinely least privilege depends on the sudoers configuration: a rule that lets Bob run any command as root grants far more than read access to one file.

Figure 9.4 Using sudo to view a sensitive file on a Linux machine.

Following the principle of least privilege has several benefits. First, it limits the damage that a malicious insider can cause. If every employee at a company were given access to the entire customer database, any one of them could cause a wide-scale data breach. Least privilege also limits the damage that external attackers can do; as we have seen, they often compromise user accounts, and after compromising an account an attacker has the same access as the compromised user. For this reason, compromising an administrator’s account is a major coup for the hacker, so the number of users
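As an added example, not from the book: the sudo grant behind Figure 9.4 can be scoped so that it really is least privilege. The script below builds a sudoers drop-in that lets Bob run only cat, on only one file, as root, while still prompting for his password, and includes a small linter that flags the over-broad alternative (any command, as any user, with no password). The user name bob, the path /srv/secrets/report.txt and the drop-in file name are assumptions for illustration.

```shell
#!/bin/sh
# Added example (not from the book): scoping the sudo grant shown in Figure 9.4.
# Rather than "bob may run anything as root", the drop-in below lets Bob run
# exactly one command on one file and still re-enter his password.
# The user name "bob" and the file path are assumptions for illustration.
set -eu

SECRET_FILE="/srv/secrets/report.txt"   # assumed location of the sensitive file

# Least-privilege rule: only /bin/cat, only this file, only as root, no NOPASSWD tag.
scoped_rule() {
    printf 'bob ALL=(root) /bin/cat %s\n' "$SECRET_FILE"
}

# The "just hand him the key" rule: any command, as any user, no password. For contrast.
broad_rule() {
    printf 'bob ALL=(ALL) NOPASSWD: ALL\n'
}

# runas_of RULE: the user list inside (...) after '='; prints nothing if absent.
runas_of() {
    printf '%s\n' "$1" | sed -n 's/^[^=]*= *(\([^)]*\)).*/\1/p'
}

# cmd_of RULE: the command specification, with the runas list and any TAG: prefix removed.
cmd_of() {
    printf '%s\n' "$1" | sed -e 's/^[^=]*=//' -e 's/^ *([^)]*) *//' -e 's/^\([A-Z]*: *\)*//'
}

# lint_rule RULE: print one finding per over-broad feature; print nothing when scoped.
lint_rule() {
    rule="$1"
    cmd=$(cmd_of "$rule")
    runas=$(runas_of "$rule")
    case "$rule" in *NOPASSWD*) echo "NOPASSWD: re-authentication disabled" ;; esac
    [ "$runas" = "ALL" ] && echo "runas ALL: may act as any user, not just root"
    if [ "$cmd" = "ALL" ]; then
        echo "command ALL: unrestricted root"
    else
        # A relative command name could be shadowed by a file on the caller's PATH.
        case "$cmd" in /*) ;; *) echo "relative command: path can be shadowed" ;; esac
    fi
    return 0
}

# is_scoped RULE: succeed only when the linter finds nothing.
is_scoped() {
    [ -z "$(lint_rule "$1")" ]
}

# write_dropin DIR: write the scoped rule as a drop-in with the mode sudo expects (0440).
# A real install goes to /etc/sudoers.d/ only after `visudo -cf FILE` reports it parsed OK.
write_dropin() {
    f="$1/bob-report"              # drop-in file name is an assumption
    ( umask 337; scoped_rule > "$f" )   # 666 & ~337 = 440
    printf '%s\n' "$f"
}

# Demonstration when run directly: lint both rules.
for r in "$(scoped_rule)" "$(broad_rule)"; do
    printf 'rule: %s\n' "$r"
    lint_rule "$r" | sed 's/^/  finding: /'
done
```

With the scoped rule installed, `sudo cat /srv/secrets/report.txt` behaves exactly as in the figure, while `sudo cat /etc/shadow` is refused and logged. Keep the granted command to a program without shell escapes: allowing an editor or a pager as root hands over a root shell, which is the unscoped grant again by another route.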