Switching Between Privileged and Non-Privileged Contexts
What does this have to do with the sacred principle of least privilege? Well, a bit of background first.
In the UNIX world, the root account is the equivalent of the NT/2000 administrator account. It has full privileges. UNIX folks know that in the UNIX world, administrators almost never log on directly as root; instead they log on under a non-privileged account and then su to root as necessary. When you su to root, your non-privileged shell temporarily becomes a privileged root shell in which you can do whatever you need, and then you close the privileged session.
Note
su is short for substitute user—a utility that allows you to switch to the all-powerful root account in UNIX to perform ...
Get Microsoft® Windows® 2000 Security Handbook now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.