> [T]he security model on Unix (and Linux) is to trust your applications
If that were true, httpd (and all other system daemons) would be run as root and neither the 'nobody' user and group nor the various security-related X11 extensions would exist.
Anyone who has worked in this field for more than a few years (regardless of their era of entry) knows that nontrivial programs are faulty and can happen to or be induced to do things that are harmful in varying degrees to the operation of the computer that runs them.
If that were true, httpd (and all other system daemons) would be run as root and neither the 'nobody' user and group nor the various security-related X11 extensions would exist.
Anyone who has worked in this field for more than a few years (regardless of their era of entry) knows that nontrivial programs are faulty and can happen to or be induced to do things that are harmful in varying degrees to the operation of the computer that runs them.