I did not expect my suggestions would have generated so much discussion!
For the benefit of all, my evolution in terms of operating system and multi-user/security has been from DOS (single user, single) to Windows 3.11 (two users, married), then Windows 98SE (four users, married with pre-school children; separate user folders without log-on), Windows XP (two administrators and two users; married with school-aged children) and currently Windows 7 (one administrator and four users, married with teenagers). This evolution has come naturally from my de-facto geek household role when it comes to computers and networking.
The shared machine situation brings some limitations that many who have commented here do not appear to have - e.g. my play-time with Haiku is only via LiveCD or USB boots!
My earlier suggestions were in the context of one having enabled multi-user support in Haiku (once available).
Although I never thought of it this way, not many changes would be required for a single-user computer:
Default boot privileges/rights level is “User”.
A “User” could temporarily escalate privileges/rights level via a command similar to the “sudo” command in Linux. Alternatively, installation of software packages could be initiated at “User” level but would still require the “Administrator” password to go beyond their splash screen.
The log-on for the “Owner” level with full privileges/rights, but with restricted internet surfing rights, would be accessed via a keyboard key press during the boot process. It could be left to the owner of the machine to define if failure to enter the right password returns to the log-on window or skips to the default boot at “User” privileges/rights level.
Furthermore, the owner of the machine could set up the boot script to have the “Owner” privileges/rights level as default boot with a pre-entered password (if so desired).
The main reason for allowing access to the highest privileges/rights only from a boot is to minimize the risk of installation of a rootkit via privileges/rights escalation by a malicious code fragment. There have been numerous reported exploits of such escalation to “root” in Linux and Windows.
Some more thought is required with respect to the desirability of default passwords for the “Administrator” and “Owner” levels and how to support this in a LiveCD or USB boot. That’s for another day.