R035. Manage privilege modifications
The system must not allow system actors to modify privileges for themselves.
Systems should usually have a set of roles with different levels of privilege for accessing resources. The privileges of each role must be clearly defined and the role of each user should also be clearly stated. Furthermore, users should not be allowed to modify their own privileges, as this could be leveraged to access otherwise restricted functionalities and resources.
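A minimal sketch of a role-change handler that enforces this requirement, added here as an illustration and not taken from the requirement itself or from any particular product. The role names, the `User` type, the `change_role` function and the audit tuple layout are all assumptions made for the example.

```python
from dataclasses import dataclass

# Constructed role model for this example; only "admin" may manage roles.
ROLES = {"viewer", "editor", "admin"}


class PrivilegeChangeDenied(Exception):
    """Raised when a requested role change violates the policy."""


@dataclass
class User:
    user_id: str  # must come from the authenticated session, never from request input
    role: str


def change_role(actor: User, target: User, new_role: str, audit_log: list) -> User:
    """Apply a role change to target on behalf of actor, or refuse and record why."""

    def deny(reason: str):
        audit_log.append(("DENIED", actor.user_id, target.user_id, new_role, reason))
        raise PrivilegeChangeDenied(reason)

    if new_role not in ROLES:
        deny("unknown role")
    # Core rule: no actor may modify their own privileges, in either
    # direction and regardless of how privileged the actor already is.
    if actor.user_id == target.user_id:
        deny("self-modification")
    # Role management is itself a privilege that must be held explicitly.
    if actor.role != "admin":
        deny("actor lacks role-management privilege")

    previous = target.role
    target.role = new_role
    audit_log.append(("APPLIED", actor.user_id, target.user_id, new_role, previous))
    return target


if __name__ == "__main__":
    log = []
    alice, bob = User("u1", "admin"), User("u2", "viewer")  # constructed sample users
    change_role(alice, bob, "editor", log)       # allowed: admin changes another user
    try:
        change_role(bob, bob, "admin", log)      # refused: self-modification
    except PrivilegeChangeDenied as exc:
        print("denied:", exc)
    print(log)
```

The self-modification check runs before the admin check so that an administrator's attempt to alter their own role is refused and logged with that specific reason.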
CWE-267: Privilege Defined With Unsafe Actions. A particular privilege, role, capability, or right can be used to perform unsafe actions that were not intended, even when it is assigned to the correct entity.
CWE-269: Improper Privilege Management. The software does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.
OWASP-ASVS v4.0.1 V4.1 General Access Control Design (4.2.3). Verify that the principle of least privilege exists - users should only be able to access functions, data files, URLs, controllers, services, and other resources, for which they possess specific authorization. This implies protection against spoofing and elevation of privilege.