I was going to bring in some secure systems used by the military to lock down defense system, and I don't mean administrative LAN stuff but that is typically outside the scope of discussion here. Then again maybe I am wrong to assume that.

I agree with you, we all tend to reduce this issue to a simple answer and then leave it to just a single choice, typical Nix versus typical Windows.

There are some advance operating environments out there with fail safes, such as you described. There are even more that are still theoretical. I mean when was the last time you heard of a military satellite being hijacked or an accidental rocket launch? These things are running an OS no one else has, and it’s locked down into compartmented access.

After considerable thought, I have tried over the years (deflating my ego) to clearly define admin and operator duties and keep them separate. That is more of a policy issue in my case because I do not use any of the advanced operating systems you have mentioned. I have even gone to the point of having secured physical access to a console by entrusting to third party individuals with absolutely no ties to me.

An excellent case point you have presented