That's... somewhat hardcore for most applications.

Also it's also not what most people mean by "untrusted". From a low level hardware standpoint though... assuming user-land code isn't trustworthy IS a good guideline.

Purposefully misunderstanding what people write in an effort to be a smartass is a sure-fire way of creating security issues.

No, "ALL" code is not untrusted. There's varying degrees of trust. I'd encourage you to stop trying to win the argument through platitudes and do some research instead, but I'm not sure you're interested.