A method and apparatus for securing executables and processes having setuid/gid permissions and privileges is presented. A mechanism is provided to track and control operations for files and processes having setuid/gid privileges. A policy rule is defined for controlling the operations on the files and processes. The policy rule is then used to control operations involving the files and processes.