In a similar way, removing read permissions on a file won't prevent reading of the contents through an already open file handle. That may seem insecure, but the property can be used to enhance security. If a process needs to read from or write to a protected resource, it can start life as root, open the resource appropriately and then drop privileges. The now unprivileged process still has privileged access through the open file handle.