In computer programming, privilege separation is a technique used to mitigate the potential damage of a computer security attack. In its most basic form, a computer program forks into two processes. The main program drops privileges, and the smaller half keeps privileges in order to perform a certain task. The two halves then communicate via a socket pair. Thus, any successful attack against the larger half will gain minimal access, even though the pair of programs will be capable of performing privileged operations.

See also

• Principle of least privilege
• Confused deputy problem
• Privilege escalation
• Defensive programming
• Privilege bracketing
• Privilege revocation

External Links

• Theo de Raadt: Mitigation Techniques in OpenBSD slides
• Niels Provos, Markus Friedl, Peter Honeyman: Privilege Escalation paper