Not pick nits, but I'm going to pick nits (with no offense intended) :-)

Tom writes:

>XL's don't have privileges, programs have them.

Partially correct. Programs have capabilities and privileges, and XLs
do have privileges.

>To determine what privileges a program has, run LINKEDIT and do a LISTPROG
>on the program file.

LinkEd> listprog backuppl.pub.orbitusa

PROGRAM        : BACKUPPL.PUB.ORBITUSA
XL LIST        :
CAPABILITIES   : BA, IA, PM, PH
NMHEAP SIZE    : 4000000

[snip]

PM in CAPABILITIES indicates the program has priv mode.

LinkEd> listxl bogusxl.pub.orbitusa

LIBRARY NAME   : BOGUSXL.PUB.ORBITUSA
XL LIST        :
VERSION        : 85082112
MODULE COUNT   : 4
MODULE LIMIT   : 10

..

Sym                       C H X P Sym    Sym        Sym     Lset
Name                              Type  Scope      Value    Name
----                      - - - - ----  -----      -----    ----
PROGRAM                   3   3 3 pri_p univ       00022130
_start                    0   3 3 sec_p univ       0002214C
alloc_code_space          3   3 2 entry univ       00022000
create_object             3       stub  ext     lp+00000020

[snip]

In the above listing, note the X and P columns. That indicates the
execution privilege level and the call privilege level of the routines.
(Execution privilege level is what ring it will run at, call level is what
ring the calling routine must run in order to call this routine). So, in
the above example, alloc_code_space is callable by user mode (ring 3), but
runs at privileged ring 2.

You need to scan each of your XLs (and the program) to see what is running
at ring 2 or higher. Also note that XLs containing privileged routines need
to be in a privileged group.

There are other tools to extract this information from your programs and
XLs, too.