In many operating systems such as Unix , access rights to resources such as files are governed by a simple approach. Accourdingly, workarounds have been created to elevate permissions for users (su/sudo) or the setuid bit to run a certain program with superuser privileges . All these approaches are workarounds for flaws in the original design, which were necessitated by the restricted resources available on the original PDP11 systems Unix was developed on. In systems research, a number of approaches have been implemented such as Clans and chiefs  in L4, which are considered complex to handle and were moderately successful.
A model that is more flexible are capabilities , which are implemented in research operating systems such as EROS  and L4 . However, capabilities also come with a set of problems in concept and implementation, discussed in . An orthogonal approach to system security is the formal verification of the correctness of an operating system. This is a complex endeavour; so far, only the L4 microkernel has been formally verified in the form of the seL$ kernel .
The OS kernel needs to build security models based on security features the hardware provides and create additional abstractions based on these. It is important for the security and performance of a system to match these well. Still, this is not a fail-proof way to build secure systens, as the hardware itself may show unexpected problems, such as side-channel effects resulting in the recent Meltdown and Spectre attacks .