What happens if you can palm the bouncer a twenty and have a larf anywhere you want?
And by that, I mean, the more complex and lengthy the code, the more likely it is that an overworked corporate stooge decided to cut some corners and make some mistakes. And then suddenly one chunk of Perl later and a clever 16 year old has remote root on boxen on your network.
This kind of security measure is a house of cards, and really, it's only thanks to built-in protections in hardware that we're not overrun with new buffer overflows every day.
Poor configurations set up by idiot systems administrators, bad code by stupid programmers, and moronic users in general are the problem, and no matter what you have installed, they'll find ways to mess it up.
Sorry, but I'm tired of people selling us snake oil.
AC, because I can.