The authors argue that these are operating-system issues, not application issues, and that they should be handled by providing operating-system support.
Current operating-system support is inadequate: it is not flexible enough. Unix provides only coarse permissions: "root", "all", and a single group permission.
Mechanisms Unix offers to work around this inflexibility: setuid()/setgid() and chroot().
Unix violates the "principle of least privilege," which states that a process should have access only to the set of objects it needs to accomplish its task.
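To make the two Unix mechanisms named above concrete, here is an added example (not code from the paper being summarised or from these notes) that uses chroot() and setgid()/setuid() the way a least-privilege daemon would: confine the filesystem view while still root, drop supplementary groups and the gid before the uid, and then verify that root cannot be regained. The function names `drop_privileges` and `can_regain_root` are assumptions for this illustration. The two classic pitfalls it guards against are chroot() without a following chdir("/") and dropping the uid before the gid, after which the gid can no longer be changed.

```c
/* Added example: permanently dropping Unix privileges in a safe order,
 * then checking that the drop actually took effect. */
#define _GNU_SOURCE
#include <errno.h>
#include <grp.h>
#include <stdio.h>
#include <sys/types.h>
#include <unistd.h>

/* Optionally confine the process to `jail` (requires root; pass NULL to
 * skip), then drop to uid/gid permanently. Returns 0 on success, -1 on
 * failure. Order matters: chroot() must happen while still root, and the
 * supplementary groups and gid must be set before the uid, because once
 * the uid is unprivileged the group identity can no longer be changed. */
int drop_privileges(const char *jail, uid_t uid, gid_t gid)
{
    if (jail != NULL) {
        /* chroot() alone leaves the current directory outside the jail,
         * so chdir("/") must follow it */
        if (chroot(jail) != 0 || chdir("/") != 0)
            return -1;
    }
    if (geteuid() == 0) {
        /* setgid() does not touch supplementary groups; clear them first
         * (only root may call setgroups(), so skip it when unprivileged) */
        if (setgroups(0, NULL) != 0)
            return -1;
    }
    /* setgid()/setuid() as root set real, effective and saved ids, so the
     * drop cannot be undone later with seteuid() */
    if (setgid(gid) != 0)
        return -1;
    if (setuid(uid) != 0)
        return -1;
    /* after a real drop, any attempt to become root again must fail */
    if (uid != 0 && (setuid(0) == 0 || seteuid(0) == 0))
        return -1;
    /* confirm every id (real and effective) is what we asked for */
    if (getuid() != uid || geteuid() != uid ||
        getgid() != gid || getegid() != gid)
        return -1;
    return 0;
}

/* 1 if the process is root or could still switch back to root
 * (e.g. because a saved set-user-id of 0 was left behind), else 0. */
int can_regain_root(void)
{
    return geteuid() == 0 || seteuid(0) == 0;
}

int main(void)
{
    /* demo: drop to the invoking user's own ids, which also works when
     * run unprivileged; a real daemon would pass a dedicated service
     * account and a jail directory here */
    if (drop_privileges(NULL, getuid(), getgid()) != 0) {
        perror("drop_privileges");
        return 1;
    }
    printf("running as uid=%u gid=%u, can regain root: %s\n",
           (unsigned)getuid(), (unsigned)getgid(),
           can_regain_root() ? "yes" : "no");
    return 0;
}
```

Run as an ordinary user the program reports that root cannot be regained; run as root with a real jail path and a service account's ids, the same function confines the process. Even done correctly, this is still the coarse, all-or-nothing model the notes criticise: the process either keeps root or keeps nothing, with no way to express "this file and this socket only".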
Goal: flexible security mechanisms that restrict a process's access to system resources to the absolute minimum necessary. How should such mechanisms be defined and realized?