I posted about this in the past. After some discussion and thought, I finally realized that, duh, access modifiers really have nothing at all do with security (except maybe that we should be more skeptical of our state).
Granted, a few enlightened souls posted something to this effect in response, but I have a bad feeling about the Slashdot community hearing about this and this "security hole" being used as ammunition in the FUD campaign against .NET.
As they say, a little knowledge can be quite dangerous.