
Restricting the network

Posted Jan 13, 2010 5:54 UTC (Wed) by Kissaki (guest, #61848)
Parent article: Restricting the network

First, let me say that as a sysadmin, I think being able to restrict less trusted software's access to the network (and/or setuid programs) would be a great boon.

But (and this is a very big but), we need provable security. What we have with this feature, chroot, setuid, virtualization, etc. is the computing equivalent of security theatre. Don't get me wrong, it is pretty good security theater... these changes set "bad guys" back months, maybe years until someone learns how to escape the most recent jail or virtual machine.

We need more people to learn about and push for true capability systems that fundamentally tie permission to manipulate an object with the object itself. The projects I was cheering for (most recently CoyotOS) have fallen by the wayside, while we all suffer from ACL systems' security flaws.

As a side benefit, capability systems would tend to reduce the 'unintended consequences' issue.

Note: I'm speaking about the capabilities described here: http://en.wikipedia.org/wiki/Capability-based_security and not the kernel capabilities system currently in place.




Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds