Security on the OLPC laptop

This Slashdot post links to a Wired article and the spec for the security model for the OLPC XO laptops called Bitfrost. Interesting thing about it is it seems to be following the design philosophay of Principle of Least Authority (POLA). First learned of this security technique this past summer when I heard a talk by it from Alan Karp at HP. It's an interesting approach that makes sense (at least to me).