Default-Allow vs Default-Deny
When implementing role-based access in an application, we often face a fundamental choice: should access be denied by default or allowed by default? In practice, this means deciding whether every capability starts as false or true.
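The choice matters most for capabilities nobody has decided on yet. The following added example (not code from the original post; the role names, capability names and the `export_users` feature are constructed for illustration) resolves the same role table under both defaults and lists every grant that exists only because of the default:

```python
"""Added example: how unlisted capabilities resolve under each default."""

# Constructed role table (hypothetical role and capability names). Each role
# lists only the capabilities someone explicitly decided on.
ROLES = {
    "viewer": {"read_report": True},
    "editor": {"read_report": True, "edit_report": True, "delete_report": False},
}

# Every capability the application checks. "export_users" stands for a
# feature shipped later, before anyone updated the role table.
CAPABILITIES = ["read_report", "edit_report", "delete_report", "export_users"]


def can(role, capability, *, default):
    """Resolve one check. `default` is the answer for anything not listed,
    including a role that does not exist in the table."""
    return ROLES.get(role, {}).get(capability, default)


def default_deny(role, capability):
    return can(role, capability, default=False)


def default_allow(role, capability):
    return can(role, capability, default=True)


def implicit_grants():
    """List (role, capability) pairs that default-allow grants and
    default-deny refuses: access nobody explicitly decided on."""
    return sorted(
        (role, cap)
        for role in ROLES
        for cap in CAPABILITIES
        if default_allow(role, cap) and not default_deny(role, cap)
    )


if __name__ == "__main__":
    for role, cap in implicit_grants():
        print(f"undecided, allowed only by default: {role} -> {cap}")
    # An unknown or misspelled role shows the same split.
    print("ghost/export_users:",
          default_deny("ghost", "export_users"),
          default_allow("ghost", "export_users"))
```

An explicit `False` is honored under both defaults; only the unlisted entries differ, which makes `implicit_grants()` usable as a review list when migrating from one default to the other.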
There is no single...
lowstack.tegar.org · 4 min read