I was about to ask for the same thing. All best practices within the security domain point towards multiple layers of security, simply to have some fallback if one mechanism is compromised.
I don't have any example on this part. Maybe the OP has...
Still, a layered approach is great "on paper" (and probably the best actual solution we have atm), but it is only great in practice if it's well coded, and the OP is right that in lots of cases there are numerous flaws.
yes, you have failsafes on the layer below, but then again... it's just another "challenge" to find the flaw...
If we have simple and effective code (à la Unix: do one thing, do it well), that has the possibility of becoming more effective than "flawed layers".
yeah... we can have multiple - simple - layers... but again... that will also raise the possibility of unforeseen flaws...
all in all: it's always a double-edged sword...
you're right and the OP is right XP
(unless the layered approach is actually really really well coded!!! That's the ideal... but not many can do it!!! - I surely can't ahahah)
This is actually completely contrary to documented best practices. Best practices involve a lot of layers and processes. Defense-in-depth is best practice.
My experience is that only helps if each layer is carefully designed and analyzed at a level impractical for most real-world systems.
In most cases, unless you're designing Unix from the ground up, the better approach is KISS.
What you say is well documented and you made a reasonable comment!
The bigger the software, the more likely it is to be exploited...