The principle of least privilege states that subjects, such as users, are only given the minimum necessary number of privileges to carry out their assigned job role and tasks. This applies to both executing tasks and assigning access privileges to data, including files.
This principle is an effective way to protect the integrity and confidentiality of data. An example is assigning only the required privileges to the application user or service account on the host operating system. This user or service account should only have the privileges and access necessary to execute the tasks to successfully run the software and any relevant operations.
Another example is not giving regular users excessive administrator privileges, since a compromised administrator account can cause more damage than an account with fewer privileges. For instance, preventing regular users from being able to change IP configuration settings or other network-related settings is an example of least privilege because regular users should not need the capability to change network settings.