> One of the most blatant proofs that software engineers don't understand security

Maybe they understand, but they also know the consequences, i.e. you can spend a massive amount of time checking if you have rights to do what you are about to do - and it can take a lot longer to do those checks than to do the initial job.
At a low level, you can check if a memory pointer points to an acceptable part of memory each time you are going to get its content.
At a medium level, you can spend a lot of time checking stuff about a hard disk sector read: do you have the right to read it, does it contain the right stuff, has it been corrupted since it was written on the hard disk?
At a high level, you can spend a massive amount of time checking if any file in your file-system contains a virus, or if your file-system is corrupted.
Now those software engineers may be people who use their computers for more than writing an e-mail from time to time, and even with up-to-date hardware it just takes 3 hours of CPU time to regenerate the 10 Gbyte tree to produce the good output file; you may need 3 versions of those output files, and the night between days is not that long.
Add all the "security" you are talking of, and it will take weeks to get one of these output files - people have tried that on other Operating Systems. I am not sure people have been more secure on those other OS.