Re: Pro Tip
As a committed UNIX and Linux proponant, I've frequently said that the security model of UNIX-like operating systems is one of it's weakest features. but the flip side of this is that the role based access control systems, where you acquire additional privilege through further authentication is complex, and very rarely used properly or correctly.
This can be seen in the slow take-up of RBAC in the proprietary UNIXes that implemented it nearly 20 years ago, and SELinux, as well as the number of times that it is not used, or not used appropriately in other OSs.
Bearing in mind how many people even working in the industry as a whole don't understand what RBAC is, or how it works, the well understood UNIX-like SUID, uid and euid mechanism, which is basically less complex, and deployed properly by a greater number of people may be preferable.
Of course, the large number of senior application developers who cut their teeth on Windows ME and earlier, who just disable all the security or insist on it running with privilege on whatever platform they're on to get their applications to work properly are a serious problem with many applications. Fortunately, the security message is finally getting through, and the influence of these people is waning, and their legacy applications are disappearing into history.