The method of granting users directly in traditional content management system is simple to implement, whereas it's difficult to manage. The method of RBAC enhances the flexibility and scalability of privileges management. However, it may lead to the leak of privileges. To slove the problems, this paper proposes a ECMSAC model, based on RBAC. It brings in applicable Least Privilege Theorem, reduces the likelihood of privilege's leak and boosts the security of CMS.