Weaknesses in this category are related to the management of permissions, privileges, and other security features that are used to perform access control.

Relationships: 699 Category ChildOf 254

Potential_Mitigations:
Architecture and Design; Separation of Privilege
Follow the principle of least privilege when assigning access rights to entities in a software system.

References:
M. Howard and D. LeBlanc. Writing Secure Code, 2nd Edition. Chapter 7, "How Tokens, Privileges, SIDs, ACLs, and Processes Relate", Page 218. Microsoft, 2002.

Taxonomy_Mappings: Permissions, Privileges, and ACLs

17 35 5 58 69 76

PLOVER

Content history:
CWE Content Team, MITRE, 2008-09-08: updated Relationships, Taxonomy_Mappings
CWE Content Team, MITRE, 2010-02-16: updated References
CWE Content Team, MITRE, 2011-03-29: updated Relationships
CWE Content Team, MITRE, 2012-10-30: updated Potential_Mitigations