A principle of software design that programs and systems should be split into components, each of which has only those operating system privileges it needs to perform its proper functions. This reduces the damage that can be caused by a bug or by vulnerability in one component. Least privilege is often enforced using process ownership and file permissions.