Re: No magic bullet
you may have a system where root needs to administer the actual computer, but you wouldn't want the root user to have full control over the system; for example you may have sensative information on there, which the systems administrator may not be authorised to read.
Permissions cannot solve that, ever.
If a user has full control over the computer, then that user can always look at the content of any file they want - worst case, they can go look at the raw bytes on the disk.
The only way to secure data against unauthorised access is to encrypt it and keep the decryption key secret - and not on the computer.
That has no bearing on what "root" or "admin" privileges mean.