Shaun, While I've just been skimming this discussion, I felt the need to respond to one of the points you make: > While I can see your point here, from the OS's perspective a user doesn't > need to be protected from themselves. On the contrary -- process separation is one of the fundamental concepts in modern operating systems. If you have the misfortune of remembering the DOS 5 / Windows 3.0 days, you'll appreciate how important this function is. The need to protect the user from something running with their privileges is also important for protecting against Trojan horses, such as Outlook-based mail worms. The easiest way to protect against such attacks is via sandboxing. While I personally would like to see such sandboxing functionality integrated directly into operating systems, it can be added via a third-party extension, such as Janus for Solaris and Linux, or one of the PFW products for Windows. Terry use StandardDisclaimer.pm
