Follow
With Microsoft Windows, people push for least privilege in the sense that you should use a standard user account and when permission elevation is required, enter the password to the local admin account when the elevation prompt appears. In the Linux world with the sudo command, least privilege isn't relevant correct?
@redcoqui Yes and no. Sudo, while theoretically using the principal of least privilege, is super easy to steal from a user. Doesnt take more than a couple lines of code to take a user's sudo password and do just about anything that you would want with it - all generally without the user knowing anything. The default user generally has more permissions than they need as well.