Overview

Secure by design is a design policy in which the system is built from the ground up to be secure.
Malicious attacks are taken for granted, and care is taken in the design to minimize the impact when a vulnerability is exploited or invalid user input is encountered.
Secure by design generally implies that every component runs with the least privilege it needs.
For example, a Web server that runs as the administrative user (root or admin) has the privilege to remove files and users that do not belong to it, so a flaw in that program could put the entire system at risk. On the other hand, a Web server that runs inside an isolated environment and has only the privileges required for its network and filesystem functions cannot compromise the system it runs on unless the security around it is itself also flawed.
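The following is an added example, not code from the original page, illustrating the two halves of the Web-server point above: giving up root once the privileged setup is done, and restricting filesystem access to the document root so that a request path cannot reach files elsewhere on the system. All function names (drop_privileges, confine_path, serve_file, demo) and the sample document root it builds in a temporary directory are assumptions of this example.

```python
"""Least-privilege file serving: drop root after setup and confine
filesystem access to a document root. Added example; names are my own."""
import os
import tempfile
from pathlib import Path
from typing import Optional


def drop_privileges(username: str) -> None:
    """Permanently give up root after privileged setup (for instance binding
    a port below 1024), so that a later flaw executes as an unprivileged user.
    Only meaningful when the process starts as root; otherwise a no-op."""
    if os.geteuid() != 0:
        return
    import pwd  # Unix-only; imported here so the rest runs anywhere
    entry = pwd.getpwnam(username)
    os.setgroups([])          # shed supplementary groups first
    os.setgid(entry.pw_gid)   # group before user, while still permitted
    os.setuid(entry.pw_uid)
    if os.geteuid() == 0:
        raise RuntimeError("failed to drop root")


def confine_path(docroot: str, requested: str) -> Optional[Path]:
    """Map a request path to a file under docroot, or None if it escapes.
    resolve() collapses '..' and follows symlinks, so the containment check
    compares real locations rather than raw strings."""
    root = Path(docroot).resolve()
    candidate = (root / requested.lstrip("/")).resolve()
    try:
        candidate.relative_to(root)
    except ValueError:
        return None
    return candidate


def serve_file(docroot: str, requested: str) -> Optional[bytes]:
    """Read a confined regular file; anything outside docroot yields None."""
    target = confine_path(docroot, requested)
    if target is None or not target.is_file():
        return None
    return target.read_bytes()


def demo() -> dict:
    """Constructed scenario: a document root holding one page, and a file
    outside it that the server must never hand out. Returns what each
    request yields so the outcome can be checked."""
    with tempfile.TemporaryDirectory() as tmp:
        outside = Path(tmp) / "secret.txt"
        outside.write_bytes(b"not for the web")
        docroot = Path(tmp) / "www"
        docroot.mkdir()
        (docroot / "index.html").write_bytes(b"<h1>hello</h1>")
        return {
            "index": serve_file(str(docroot), "/index.html"),
            "traversal": serve_file(str(docroot), "/../secret.txt"),
            "absolute": serve_file(str(docroot), "/etc/passwd"),
            "missing": serve_file(str(docroot), "/nope.html"),
        }


if __name__ == "__main__":
    # Typical order in a real server: bind the socket as root, then
    # drop_privileges("www-data"), then serve only confined paths.
    print(demo())
```

The order in drop_privileges matters: groups and gid must be set while the process can still change them, and the final geteuid check guards against a silently failed setuid. confine_path treats the document root as the only filesystem the request handler can see, which is the same idea as the isolated environment described above, applied at the application layer.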