Principle of Least Privilege — Explained with Examples

DodaTech, updated Jun 15, 2026

The Principle of Least Privilege (PoLP) states that every component should operate with only the minimum access rights necessary to perform its function.

Least Privilege is a security and design principle that applies to user accounts, processes, APIs, and microservices. A process that only reads data should not have write access. A user who only processes payroll should not access HR records.

Why Least Privilege Matters

If a component is compromised, its damage radius is limited to its assigned permissions. A read-only database user that gets compromised can’t delete tables. A CI/CD token that can only deploy to staging can’t touch production. Least privilege is the single most effective defense against privilege escalation attacks.

Real-World Analogy

Consider an office building with keycard access. A cleaner has keys to the floors they clean but not to the CEO’s office or the server room. If the cleaner’s keycard is stolen, the thief can’t access sensitive areas. Least privilege applies the same logic to code.

Example: Least Privilege in Code

# Violating least privilege — too many permissions
import os

def backup_database():
    # This function only needs read access, but connects as root
    # and dumps every database on the server
    os.system("mysqldump -u root -psecret --all-databases > backup.sql")

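# Following least privilege — minimum access
import subprocess

def backup_specific_database(db_name):
    # Connect as a dedicated read-only user created for backups
    command = [
        "mysqldump",
        "-u", "backup_user",           # read-only user
        "-pbackup_pass",               # no space: "-p" alone prompts for a password
        "--single-transaction",
        db_name
    ]
    # Write the dump to a file and raise if mysqldump fails
    with open(f"{db_name}.sql", "wb") as out:
        subprocess.run(command, stdout=out, check=True)

    # backup_user has only SELECT on this specific database
    # Cannot CREATE, DROP, or modify data
    # A password in argv is visible in the process list; an option file avoids that
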
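# Python example — function scope
def generate_summary(text):
    # Hypothetical helper (not defined in the original example):
    # returns the first line of the report as its summary
    lines = text.splitlines()
    return lines[0] if lines else ""

def process_report():
    # Internal helper — not exposed outside this function
    def _read_sensitive_file(path):
        with open(path) as f:
            return f.read()

    # Main function only accesses what it needs
    data = _read_sensitive_file("report.txt")
    return generate_summary(data)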
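
The point made under "Why Least Privilege Matters", that a compromised read-only database user can't delete tables, can be checked directly. This is an added example, not code from the original page: it swaps SQLite for MySQL so it runs offline, and the `payroll` table, its rows and all function names are constructed for illustration.

```python
import pathlib
import sqlite3
import tempfile

def create_sample_db(path):
    # Constructed sample data: one table with two rows
    conn = sqlite3.connect(path)
    conn.execute("CREATE TABLE payroll (employee TEXT, salary INTEGER)")
    conn.executemany("INSERT INTO payroll VALUES (?, ?)",
                     [("alice", 5200), ("bob", 4800)])
    conn.commit()
    conn.close()

def open_read_only(path):
    # mode=ro makes SQLite itself reject writes on this connection,
    # so the limit does not depend on the calling code behaving well
    return sqlite3.connect(path.as_uri() + "?mode=ro", uri=True)

def try_statements(conn, statements):
    # Run each statement and record whether the database allowed it
    results = {}
    for sql in statements:
        try:
            conn.execute(sql).fetchall()
            results[sql] = "allowed"
        except sqlite3.OperationalError as exc:
            results[sql] = f"denied: {exc}"
    return results

def demo():
    with tempfile.TemporaryDirectory() as tmpdir:
        path = pathlib.Path(tmpdir) / "app.db"
        create_sample_db(path)
        reader = open_read_only(path)
        outcome = try_statements(reader, [
            "SELECT COUNT(*) FROM payroll",  # all a reporting job needs
            "DELETE FROM payroll",           # writes it never needs
            "DROP TABLE payroll",
        ])
        reader.close()
        # Reopen with full access to confirm the data is untouched
        check = sqlite3.connect(path)
        rows = check.execute("SELECT COUNT(*) FROM payroll").fetchone()[0]
        check.close()
    return outcome, rows

if __name__ == "__main__":
    for sql, result in demo()[0].items():
        print(f"{sql}: {result}")
```

The denial comes from the database layer, so it holds even if the code holding the read-only handle is taken over.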

Related Terms

Encapsulation, Defensive Programming, Fail Fast
