Run your program with the least permissions possible.
You have a choice of how you want to run your program. By that, I mean which user account will be associated with the running application and what permissions it will have. It's usually a good idea to run with as few permissions as possible, because an attacker has a goal in mind and doesn't care how that goal is accomplished. As long as the attacker gets the desired outcome, any available method to achieve it is open for use.
Think of it like this. Imagine that an attacker has a secret mind control weapon that can be used to take over one employee at your company. Do you think the target will be the junior assistant office manager? Or the company president? Now maybe the attacker doesn't have an opportunity to use the mind control on the president and has no choice but to choose somebody else. If the junior assistant office manager falls under the control of the attacker, then any documents that person has access to will now be available to the attacker. And anything that was not granted to the office manager will remain unavailable to the attacker.
Listen to the full episode to learn how this applies to your application and what role the filesystem has. We’re not talking about imaginary mind control beams anymore. This is real and something you need to be aware of when writing your code. All it takes is a simple link in the filesystem for an attacker to exploit.
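Here is an added C example (written for this page, not code from the episode) of the two defensive habits the episode points at: permanently dropping root to an unprivileged account once the program has done whatever needed elevated rights, and refusing to follow a symbolic link when opening a file the program expects to be a regular file. The uid/gid value 65534 is an assumption standing in for the conventional "nobody" account; the scratch-directory check under /tmp is constructed for the demonstration.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <grp.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>

/* Permanently drop root to the given unprivileged uid/gid.
 * Returns 0 when the process is no longer root, -1 on failure.
 * Order matters: supplementary groups first, then gid, then uid; once the
 * uid has changed, the process can no longer change its gids. */
int drop_privileges(uid_t target_uid, gid_t target_gid) {
    if (target_uid == 0 || target_gid == 0) {
        errno = EINVAL;            /* "dropping" to root is not a drop */
        return -1;
    }
    if (geteuid() != 0) {
        return 0;                  /* nothing to drop: already unprivileged */
    }
    if (setgroups(0, NULL) != 0) return -1;   /* clear supplementary groups */
    if (setgid(target_gid) != 0) return -1;   /* real, effective and saved gid */
    if (setuid(target_uid) != 0) return -1;   /* real, effective and saved uid */
    return 0;
}

/* Verify the drop is permanent: we are not root and setuid(0) must fail,
 * i.e. no saved root uid is left to climb back to. Returns 1 if so. */
int privileges_are_dropped(void) {
    if (geteuid() == 0 || getuid() == 0) return 0;
    if (setuid(0) == 0) return 0;  /* regained root: the drop was not permanent */
    return 1;
}

/* Open a path the program expects to be a regular file, refusing to follow
 * a symbolic link in its final component and rejecting non-regular files. */
int open_no_follow(const char *path, int flags) {
    int fd = open(path, flags | O_NOFOLLOW | O_CLOEXEC);
    if (fd < 0) return -1;         /* errno is ELOOP when path is a symlink */
    struct stat st;
    if (fstat(fd, &st) != 0 || !S_ISREG(st.st_mode)) {
        close(fd);
        errno = EINVAL;
        return -1;
    }
    return fd;
}

/* Self-contained check in a constructed scratch directory: the regular file
 * opens, but a symlink pointing at it is refused with ELOOP.
 * Returns 1 on the expected behaviour, 0 otherwise. */
int symlink_is_refused(void) {
    char dir[] = "/tmp/leastpriv-XXXXXX";   /* assumption: /tmp is writable */
    if (mkdtemp(dir) == NULL) return 0;
    char target[256], link[256];
    snprintf(target, sizeof target, "%s/data.txt", dir);
    snprintf(link, sizeof link, "%s/data.lnk", dir);
    int result = 0;
    int fd = open(target, O_WRONLY | O_CREAT | O_EXCL, 0600);
    if (fd >= 0) {
        close(fd);
        if (symlink(target, link) == 0) {
            int direct = open_no_follow(target, O_RDONLY);
            int via_link = open_no_follow(link, O_RDONLY);
            result = (direct >= 0 && via_link < 0 && errno == ELOOP);
            if (direct >= 0) close(direct);
            unlink(link);
        }
        unlink(target);
    }
    rmdir(dir);
    return result;
}

int main(void) {
    printf("symlink refused: %d\n", symlink_is_refused());
    if (drop_privileges(65534, 65534) != 0) {
        perror("drop_privileges");
        return 1;
    }
    printf("privileges dropped: %d\n", privileges_are_dropped());
    return 0;
}
```

When the program starts as root, everything after `drop_privileges` runs as the unprivileged account, so a later bug in the file-handling code can only reach what that account can reach. When it starts unprivileged, the drop is a no-op and the checks still pass, so the same binary behaves sensibly either way.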