Overview#Privilege Conflict or (Permission Conflicts) appear when two or more Access Control rules result in the conflicting decisions of permitting entities Access Requests by either direct or indirect (inherit) access assignments.
Privilege Conflict often arise when such methods of "nested" Permissions are involved. If Group "A" is permitted to access file "One" and Group "B" is denied access to file "One", then does a member of both group "A" and group "B" have Authorization to file "One"?
What is important is that these permissions are correlated and the resulting correlation is definitive. Further this correlation must be understood by all those who would perform Access Control for the groups.
Separation of Duty is a concept used to implicitly avoid Privilege Conflict.