epage
Posts: 1,684 | Thanked: 1,562 times | Joined on Jun 2008 @ Austin, TX
#30
I think the following items would allow everyone to run in the same mode and still satisfy the security/DRM requirements.
  • As mentioned in my previous post, the command prompt runs at the highest privileges with privilege inheritance for the programs the user spawns
  • Programs require special privilege to modify other programs
  • We just offer even bigger fat warnings when installing an app that requires such privilege, requiring the user to type in "I acknowledge surrendering my soul" to accept
  • We just produce a one-time "Zombies Ahead" warning (instead of an error) when a package's signature (OS or user) fails to match

How much security would this cause us to lose? What other positive or negative impact might it have?

Examples of how DRM would break
  • Modify kernel, gstreamer, etc. to capture music
  • Remove the checks on OVI apps so they run even if you copied them from a different device
I do admit and shed no tears that DRM could be broken with this model, but this is about a security framework and showing respect to your customer rather than living in the late-90s, early 200X's and treating your customer like "the evil hard-bitten criminal scum that [they] are" (Weird Al's "Don't Download This Song").
__________________
770, n810, n900, Ideapad S10-3t
TheOneRing, DialCentral, Gonvert, Quicknote, Multilist, ejpi, nQa, Waters of Shiloah
Programming Blog