A system for implementing a super-user-compatible privilege security
policy on a computer operating system is disclosed. The system includes a
kernel for enforcing a security policy on processes, based on privileges.
The system also includes a privilege model that interfaces with the
kernel and implements a framework in which super-user based processes and
privilege based processes transparently interface with the kernel. The
privilege model includes several privilege sets associated with each
process, a privilege awareness property state associated with each
process, the property state indicating whether or not a process is
privilege aware, and a software module for automatically modifying the
privilege sets and the property state, on a per process basis, based on
individual process behavior.
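As an added illustration of the model described above (not code from the patent or any implementation it covers), the following C sketch keeps per-process privilege sets as bitmasks, lets the awareness flag decide whether the kernel derives a process's effective privileges from its uid or from its explicit sets, and flips that flag the first time the process manipulates its effective set. The set names (E, P, I, L), the rule that an unaware uid-0 process observes its limit set, and the privilege names are assumptions made for this example.

```c
#include <stdbool.h>
#include <stdint.h>
#include <sys/types.h>

/* Constructed privilege bits for this model; names are illustrative. */
#define PRIV_NET_PRIVPORT  (1u << 0)
#define PRIV_FILE_DAC_READ (1u << 1)
#define PRIV_PROC_FORK     (1u << 2)
#define PRIV_ALL (PRIV_NET_PRIVPORT | PRIV_FILE_DAC_READ | PRIV_PROC_FORK)

typedef uint32_t privset_t;
struct proc {
    uid_t     euid;        /* effective uid; 0 is the legacy super-user */
    bool      priv_aware;  /* privilege awareness property state */
    privset_t E, P, I, L;  /* effective, permitted, inheritable, limit */
};

/* A freshly created process starts privilege-unaware (assumed default). */
void proc_init(struct proc *p, uid_t euid, privset_t inherit, privset_t limit)
{
    p->euid = euid; p->priv_aware = false;
    p->I = inherit; p->L = limit; p->E = p->P = inherit;
}

/* Super-user compatibility rule (assumed): an unaware process observes the
 * whole limit set while euid == 0 and only its inheritable set otherwise;
 * an aware process observes exactly its explicit E and P sets. */
privset_t observed_permitted(const struct proc *p)
{ return p->priv_aware ? p->P : (p->euid == 0 ? p->L : p->I); }
privset_t observed_effective(const struct proc *p)
{ return p->priv_aware ? p->E : (p->euid == 0 ? p->L : p->I); }

/* The kernel enforcement point: a privileged operation requires every
 * requested bit to be present in the observed effective set. */
bool kernel_check(const struct proc *p, privset_t need)
{ return (observed_effective(p) & need) == need; }

/* Behaviour-driven transition: explicitly manipulating the effective set
 * freezes the observed sets into E/P and marks the process privilege aware,
 * so later uid changes no longer alter what it may do. Returns -1 on EPERM. */
int proc_setppriv_effective(struct proc *p, privset_t new_e)
{
    privset_t perm = observed_permitted(p);
    if ((new_e & ~perm) != 0) return -1;   /* cannot exceed permitted */
    p->P = perm; p->E = new_e; p->priv_aware = true;
    return 0;
}
/* A uid change only moves privileges for a privilege-unaware process. */
void proc_setuid(struct proc *p, uid_t uid) { p->euid = uid; }
```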