Outstanding article! Very thorough with great references for further information.
I agree with Brian's post -- that's the most infuriating thing to have applications that demand dbo, or worse, sysadmin access. There is no reason any application (with the exception of admin utilities) should require this level of access. I'm often asked to evaluate software for clients, and this one is a deal-breaker from my point of view.
The Windows world really has to get use to the idea of having to explicitly set permissions to resources required. Windows Server 2003 has done a much better job at forcing you to explicitly set NTFS and Share permissions, and Yukon is moving in the same direction. The problem is that we, as administrators and developers, need to get in the habit of doing this regardless of what the platform forces you to do. This isn't a technology problem, it's a process problem.
OK, my 2 cents, I'll shut up now. Again, great article!