Match isolation strength to the user's capacity for oversight. A developer who can read bash and a knowledge worker who can't are not running the same threat model.
Action recommendation: adjust isolation strength to the user's technical ability. Give technical users (such as developers) permission controls that call for expert judgment; give non-technical users absolute boundaries that are always on. Matching the policy to the user's ability avoids the security failures that come from either over-trust or excessive friction.