<P> As implemented in some operating systems, processes execute with a potential privilege set and an active privilege set . Such privilege sets are inherited from the parent as determined by the semantics of fork (). An executable file that performs a privileged function--thereby technically constituting a component of the TCB, and concomitantly termed a trusted program or trusted process--may also be marked with a set of privileges, a logical extension of the notions of set user ID and set group ID . The inheritance of file privileges by a process are determined by the semantics of the exec () family of system calls . The precise manner in which potential process privileges, actual process privileges, and file privileges interact can become complex . In practice, least privilege is practiced by forcing a process to run with only those privileges required by the task . Adherence to this model is quite complex as well as error - prone . </P> <P> The Trusted Computer System Evaluation Criteria (TCSEC) concept of trusted computing base (TCB) minimization is a far more stringent requirement that is only applicable to the functionally strongest assurance classes, viz., B3 and A1 (which are evidentiarily different but functionally identical). </P> <P> Least privilege is often associated with privilege bracketing: that is, assuming necessary privileges at the last possible moment and dismissing them as soon as no longer strictly necessary, therefore ostensibly reducing fallout from erroneous code that unintentionally exploits more privilege than is merited . Least privilege has also been interpreted in the context of distribution of discretionary access control (DAC) permissions, for example asserting that giving user U read / write access to file F violates least privilege if U can complete his authorized tasks with only read permission . </P>

Computer access privileges for users should be assigned on what basis