Worthy Project, but for whom?
Configuring anything (computer, car, bookshelf, etc) can be a difficult and time consuming and may require expertise in the applicable field. However, how often do you reconfigure you Linux box? Obviously this answer varies enourmously.
For the home hobbist, it may be hourly and the convience of remote GUI is a godsend. For others, the inconvience of once a week/month/year going and logging on directly to administer a change is a small price to pay for the lack of daily security headaches.
The issues of configuration and ongoing maintenance should already be solved long before a system is implemented into a "production" environment, in most cases it probably boils down to 'change this line in this file here' as the only modification ever done on an ongoing basis, despite the fact that the machine itself may have several hundred customised/standard configuration files.
I'm lucky enough to use Linux for work and play, but my approach to configuring it for work and play is completely different.
Re: Preventitive Security is nice..
> behavioral control were implemented on
> the Windows platform, then you could
> constrain the execution behavior of
> Outlook so that it wouldn't spew email
> out in response to opening an
> attachement. These two actions
> shouldn't be related.
But an email program should be expected to send
and receive email, read attachments and access
the users address-book. How would behavioral (
and/or access) control help in this case?