A critical but overlooked matter
One of the most important areas where restricted rights are critical is in the web browser. The whole world (statistically speaking) allows anyone to run untrusted and essentially unverifiable scripts on your computer when you visit a web site. As JS is, and has been for ages, the primary vector for practically all client-side compromises, this doesn't seem a very good idea. However, it's increasingly being forced on everyone by web developers, even to the point where, without scripting enabled, web services simply don't function at all. So we're being forced to expose ourselves to compromise just in order to use the web, despite in many cases the function being offered being implementable safely and effectively without the use of scripting at all (e.g. loading images, displaying menus, submitting flat forms).