I’ve been somewhat remiss of late in my focus on what I consider to be a very important aspect of the discipline of software development, namely least privilege. I was fortunate to have one of the great folks in my local developer community, Randy Hayes, join me last Friday for my FAQ Friday webcast, and we focused on developing with least privilege, something that I’ve spoken out passionately about in the past.
The event reminded me that I’ve been meaning to post a link to a cool new tool in the arsenal of any developer looking to ensure that their application will function correctly when run by a standard user (and that should include pretty much ALL developers, IMO), namely LUA Buglight. LUA Buglight is a tool created by fellow Microsoftie Aaron Margosis, who is one of the most passionate advocates of least privilege that I know. He also created a very useful utility called MakeMeAdmin that makes it much easier to run as a low-privilege user in Windows XP while still being able to accomplish necessary admin tasks.
Two things to note:
- LUA Buglight is pre-release, so consider it a work in progress
- LUA Buglight is not an official Microsoft product, nor is it supported by PSS.
With those caveats in mind, I encourage folks to take a look at LUA Buglight, as it promises to be very useful in identifying LUA bugs, which can otherwise be very tricky and time-consuming to locate and kill.