can't find the book, think a mate has borrowed it and i've forgotten.
Your right i thought it was only when it from a foreign zone.
But then you'd have to have some signing mechanism, and it would become an attack vector so fast.
Lets pretend there was some badly written software that seamed to insist on running as admin for no good reason, now this software has say an xml config file which specifies the modules which are late bound loaded. All of this would have to be covered by the security model.
It would be a real problem because of the piss awful developers.