Definition
Plain language
The security rule of giving someone exactly the access they need and nothing more.
As stated in the literature
A security principle of granting each component the minimal permissions required; over-granting increases blast radius if a component misbehaves or is hijacked, and is measured as a first-class metric in agent-management benchmarks.
Why it matters: It matters because tight permissions shrink the damage if a component is buggy or hijacked.
For example, a script that only needs to read one log file is given read access to that file alone, not the whole system.
Heard on the show
“So for the first time, least privilege becomes a number.”Episode 190 — The Skill Every AI Manager Is Missing: Handing Out Exactly the Right Keys