by CJefferson 4067 days ago
How easy is privilege separation nowadays? Are there any cross-platform libraries (well, cross-unix at least)?

For most programs I write, I would be happy, fairly soon after startup, to drop to "just read and write handles I've already got". It would make me feel much better about my badly written parsers!

1 comment

Cross-unix no. But pretty much every Linux distribution supports seccomp these days.
Privilege separation is achievable by using separate unprivileged users. If root is required, fork and drop root and then use something like OpenBSD's imsg(3) API to properly pass resources between the privileged parent and unprivileged child processes.

If you want to go a step further and sandbox, use setrlimit(2)/chroot(2). And if it's appropriate, use technologies like systrace(4) or Linux seccomp(2).

There are many examples of this in OpenBSD's base system, including some most people don't know about, like tcpdump(8).
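The fork / drop-root / pass-a-descriptor / setrlimit pattern from the reply above, as an added example that is not from the original thread or from OpenBSD's code. It uses a POSIX socketpair with SCM_RIGHTS in place of imsg(3), so it builds on Linux and the BSDs; the unprivileged account "nobody" (falling back to uid/gid 65534), a mkdtemp(3) jail under /tmp, and the sample payload are assumptions of the example. The parent keeps its privileges and hands the child an already-open read end of a pipe; the child drops root (chroot is only attempted when it actually is root), sets RLIMIT_NOFILE and RLIMIT_NPROC to zero so it can use the descriptors it already holds but cannot open new ones or fork, and then does its parsing work on the inherited handle, which is exactly the "just the handles I've already got" state the question asks for.

```c
#define _GNU_SOURCE
#include <sys/socket.h>
#include <sys/resource.h>
#include <sys/uio.h>
#include <sys/wait.h>
#include <fcntl.h>
#include <grp.h>
#include <pwd.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>

/* Pass one descriptor over a Unix socket with SCM_RIGHTS; this is the
 * mechanism imsg(3) wraps when a message carries a file descriptor. */
static int send_fd(int sock, int fd) {
    char tag = 'F';
    struct iovec iov = { .iov_base = &tag, .iov_len = 1 };
    union { struct cmsghdr hdr; char buf[CMSG_SPACE(sizeof(int))]; } u;
    memset(&u, 0, sizeof u);
    struct msghdr msg = { .msg_iov = &iov, .msg_iovlen = 1,
                          .msg_control = u.buf, .msg_controllen = sizeof u.buf };
    struct cmsghdr *c = CMSG_FIRSTHDR(&msg);
    c->cmsg_level = SOL_SOCKET;
    c->cmsg_type = SCM_RIGHTS;
    c->cmsg_len = CMSG_LEN(sizeof(int));
    memcpy(CMSG_DATA(c), &fd, sizeof(int));
    return sendmsg(sock, &msg, 0) == 1 ? 0 : -1;
}

static int recv_fd(int sock) {
    char tag;
    struct iovec iov = { .iov_base = &tag, .iov_len = 1 };
    union { struct cmsghdr hdr; char buf[CMSG_SPACE(sizeof(int))]; } u;
    struct msghdr msg = { .msg_iov = &iov, .msg_iovlen = 1,
                          .msg_control = u.buf, .msg_controllen = sizeof u.buf };
    if (recvmsg(sock, &msg, 0) != 1) return -1;
    struct cmsghdr *c = CMSG_FIRSTHDR(&msg);
    if (c == NULL || c->cmsg_level != SOL_SOCKET || c->cmsg_type != SCM_RIGHTS) return -1;
    int fd;
    memcpy(&fd, CMSG_DATA(c), sizeof(int));
    return fd;
}

/* Drop root permanently (chroot first, while still root). When the process
 * is already unprivileged there is nothing to drop, but we still confirm
 * that root cannot be regained. */
static int drop_privileges(const char *jail) {
    if (geteuid() != 0) return setuid(0) == 0 ? -1 : 0;
    uid_t uid = 65534; gid_t gid = 65534;          /* assumed fallback for "nobody" */
    struct passwd *pw = getpwnam("nobody");
    if (pw != NULL) { uid = pw->pw_uid; gid = pw->pw_gid; }
    if (jail != NULL && (chroot(jail) < 0 || chdir("/") < 0)) return -1;
    if (setgroups(0, NULL) < 0 || setgid(gid) < 0 || setuid(uid) < 0) return -1;
    return setuid(0) == 0 ? -1 : 0;                /* the drop must be irreversible */
}

/* Zero limits: descriptors already held keep working, but open()/socket()
 * fail with EMFILE and fork() fails with EAGAIN. Verified with a probe. */
static int lock_down(void) {
    struct rlimit zero = { 0, 0 };
    if (setrlimit(RLIMIT_NOFILE, &zero) < 0 || setrlimit(RLIMIT_NPROC, &zero) < 0) return -1;
    int probe = open("/dev/null", O_RDONLY);
    if (probe >= 0) { close(probe); return -1; }  /* lock-down did not take effect */
    return 0;
}

/* Parent: privileged side. Child: receives one fd, drops privileges, locks
 * itself down, and only then touches untrusted input. Returns 0 on success. */
int run_privsep_demo(void) {
    const char *payload = "constructed sample input for the unprivileged parser\n";
    int sv[2], pfd[2];
    if (socketpair(AF_UNIX, SOCK_STREAM, 0, sv) < 0 || pipe(pfd) < 0) return -1;
    if (write(pfd[1], payload, strlen(payload)) != (ssize_t)strlen(payload)) return -1;
    close(pfd[1]);
    char jail[] = "/tmp/privsep.XXXXXX";
    const char *dir = mkdtemp(jail);               /* empty directory used as chroot */
    pid_t pid = fork();
    if (pid < 0) return -1;
    if (pid == 0) {
        close(sv[0]); close(pfd[0]);              /* keep only the channel to the parent */
        int fd = recv_fd(sv[1]);
        if (fd < 0 || drop_privileges(dir) < 0 || lock_down() < 0) _exit(1);
        char buf[256];
        ssize_t n = read(fd, buf, sizeof buf);     /* "parse" = echo the data back */
        if (n <= 0 || write(sv[1], buf, (size_t)n) != n) _exit(1);
        _exit(0);
    }
    close(sv[1]);
    int rc = send_fd(sv[0], pfd[0]);
    close(pfd[0]);
    char buf[256]; size_t got = 0; ssize_t n;
    while (rc == 0 && got < sizeof buf && (n = read(sv[0], buf + got, sizeof buf - got)) > 0)
        got += (size_t)n;
    int status = 0;
    waitpid(pid, &status, 0);
    close(sv[0]);
    if (dir != NULL) rmdir(dir);
    if (rc != 0 || !WIFEXITED(status) || WEXITSTATUS(status) != 0) return -1;
    return (got == strlen(payload) && memcmp(buf, payload, got) == 0) ? 0 : -1;
}

int main(void) {
    int rc = run_privsep_demo();
    printf("privsep demo: %s\n", rc == 0 ? "child parsed input unprivileged and locked down" : "failed");
    return rc == 0 ? 0 : 1;
}
```

Run it as an ordinary user to see the limit-only path, or as root to also exercise the chroot and the uid/gid change. The important ordering is visible in the child: receive everything it will ever need, then chroot while still root, then drop uid/gid, then zero the limits, and only then read untrusted data; reversing any of those steps leaves a window in which a parser bug runs with more authority than it needs.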