3.  Access control

      The printer system maintains protected spooling areas so that users cannot circumvent printer accounting or remove files other than their own. The strategy used to maintain protected spooling areas is as follows:

      In practice, none of lpd, lpq, or lprm would have to run as user root if remote spooling were not supported. In previous incarnations of the printer system lpd ran set-user-id to daemon, set-group-id to group spooling, and lpq and lprm ran set-group-id to group spooling.