Privilege Seperation is a technique that reduces the risk of a root compromise for daemons that require root privileges. The idea is to split the daemon into a privileged and non-privileged part. The latter does the bulk of the work.