Example 1: When a UNIX process tries to read a file, the operating system determines if the process
is allowed to read the file. If so, the process receives a file descriptor encoding the allowed access.
Whenever the process wants to read the file, it presents the file descriptor to the kernel.
The kernel then allows the access. If the owner of the file revokes the process's permission
to read the file after the file descriptor is issued, the kernel will still allow access.
This scheme violates the principle of complete mediation, because the second access is not checked.
The cached value is used, resulting in the denial of access being ineffective.
Complete Mediation
The principle of complete mediation requires that all accesses to objects are checked to ensure that they are allowed. Whenever a subject attempts to access an object in any way, the operating system should mediate the action. First, it determines if the subject has permission to access the object. If so, it provides the resources for the access to occur. If the subject tries to access the object again, the system should again check whether the subject can still access the object at that time. Most systems do not conduct the second check. Instead, they use the results of the first check and base the second access upon the cached results. This may lead to a security breach if the access permission changes between the first and second check. Complete mediation requires each action to be mediated regardless of previous interactions.
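The file-descriptor situation from Example 1, as an added example that is not part of the original article: a descriptor obtained before the owner revokes read permission still reads, while a read that re-opens the file on every access is re-checked and denied. It assumes a POSIX system; when run as root, the re-opened read also succeeds because root bypasses discretionary permission checks.

```python
# Added example (not from the original page): a held file descriptor keeps working
# after the owner revokes read permission, because the kernel checked access once,
# at open() time.  Assumes a POSIX system; as root the re-opened read also succeeds
# because root bypasses discretionary permission checks.
import os
import tempfile

SAMPLE = b"constructed sample content\n"  # constructed test data


def cached_fd_read(path):
    """Open once, let the owner revoke permission, then read via the old fd."""
    fd = os.open(path, os.O_RDONLY)        # the one and only permission check
    os.chmod(path, 0)                      # owner now disallows everyone, itself included
    try:
        return os.read(fd, len(SAMPLE))    # not re-checked: still succeeds
    finally:
        os.close(fd)


def mediated_read(path):
    """Re-open on every access so the kernel re-evaluates permission each time."""
    fd = os.open(path, os.O_RDONLY)        # raises PermissionError once revoked (non-root)
    try:
        return os.read(fd, len(SAMPLE))
    finally:
        os.close(fd)


def demonstrate():
    """Return which reads succeeded after the revocation."""
    tmpdir = tempfile.mkdtemp()
    path = os.path.join(tmpdir, "secret.txt")
    with open(path, "wb") as f:
        f.write(SAMPLE)
    result = {"is_root": os.geteuid() == 0}
    result["cached_read_ok"] = cached_fd_read(path) == SAMPLE
    try:
        mediated_read(path)
        result["mediated_read_denied"] = False
    except PermissionError:
        result["mediated_read_denied"] = True
    os.chmod(path, 0o600)                  # restore so the file can be removed
    os.remove(path)
    os.rmdir(tmpdir)
    return result


if __name__ == "__main__":
    print(demonstrate())
```

Re-opening per access only moves the check to the application; the kernel still never revisits an already-issued descriptor, which is exactly the gap the principle describes.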
Permanent link to this article: http://blogs.cae.tntech.edu/secknitkit/complete-mediation/