>Thoughts ?

Sounds good.

If it can be done in such a way that there is minimal
performance hit for the "I really don't care about security" option
I can't see that anyone would be against it.

As for the "gee I'd like to be able to provide a really controlled environment 
for untrusted users" crowd (eg. most corporates with vendor support folk 
logging into their systems.)  It would be very nice.

--sjg