There is a misconception in much of the operating systems community that hardware mechanisms are the only way to ensure system integrity in the presence of malfunctioning or malicious code. The reality is that modern operating systems are strongly dependent on software mechanisms to protect system resources from users. Our position is that software protection mechanisms are not only necessary, but have inherent advantages over hardware for enforcing the protection requirements of an operating system.