> To secure a machine from malware introduced by a naive user it is > required that naive users not have the privilege to introduce > software that can be executed by them or by other naive users.
I would disagree. There's nothing wrong with allowing naïve users to introduce software they or others can execute - provided its execution is appropriately sandboxed. Trouble is, _that_ is hard. Java in web-browsers tried it, and gave us bugs in the jvm sandbox. Also, what the sandboxes should permit the sandboxed software to do varies from site to site, and in some cases from machine to machine, and some of those sites don't have anyone competent to figure out what the restrictions should be for them, much less correctly configure the sandbox to implement them. /~\ The ASCII der Mouse \ / Ribbon Campaign X Against HTML [EMAIL PROTECTED] / \ Email! 7D C8 61 52 5D E7 2D 39 4E F1 31 3E E8 B3 27 4B