This disclosure relates in general to the field of computer security, and more particularly, though not exclusively, to a system and method for temporary process deprivileging of unknown processes.
Many modern operating systems have a concept of “privileges,” in which certain objects such as processes are granted specific privileges based on attributes of the files themselves, and on the identity of the process and of the user who launched it. Examples of privileges include read, write, list (for directories), and execute (for executable files or scripts). In many cases, these are manually assigned by a system administrator, via commands like the Unix “chmod” (change mode) command, or they are inherited from a parent file or directory.