- The program was started under a privileged user ID. Many daemons and network servers, which are typically run as root, fall into this category.
- The program has its set-user-ID or set-group-ID permission bit set. When a set-user-ID (set-group-ID) program is execed, it changes the effective user (group) ID of the process to be the same as the owner (group) of the program file.
38 Writing Secure Privileged Programs
38.1 A Checklist for Secure Programming