> since when has it been acceptable to break significant functionality
> in the name of security?

That was done when non-executable stack went in in the first place.
That was done when non-traditional-DES password hashes went in (the
functionality broken being having hashed-password sharing Just Work
between NetBSD and practically every other Unix variant in existence).
That was done when chrooted FTP daemons came into use.  I'm sure
someone familiar with the detailed history of security changes could
come up with plenty more examples.

Security (almost) always involves breaking functionality whose abuse
potential is considered a greater harm than its non-abuse use potential
is a good.  (And that's a tradeoff that can change, and has changed,
with time.)

/~\ The ASCII				der Mouse
\ / Ribbon Campaign
 X  Against HTML	       mouse@rodents.montreal.qc.ca
/ \ Email!	     7D C8 61 52 5D E7 2D 39  4E F1 31 3E E8 B3 27 4B