Just to elaborate a little, consider the formatting of your hard disk... This operation should only be possible for the owner of the machine - the administrator.
Now we all know that security problems in application such as web browsers might lead to an attacker being able to run some program from the compromised web browser process... If the user who runs the hijacked browser has admin privileges then can do all sort of mischief to the computer which runs the process.
However, if the user who runs the process is not allowed to do these things, the compromised process cannot do it either.
Of course this is only one small part of security, and is not a magic bullet. It's a start though.
|