Significant improvements might be obtained by intelligent optimisation of the legal environment. For example, server should not delete eternity files without manual approval from a security officer, whose logon procedure should require him to declare under oath that he is a free agent, while the logon banner states that access is only authorised under conditions of free will.
Thus, in order to log on under duress, he would have to commit perjury and (in the UK at least) contravene the Computer Misuse Act as well. Courts in most countries will not compel people to commit perjury or other criminal offences.
We refer to this protection measure as a `perjury trap'. It might be useful in other applications as well, ranging from root logon to general systems to the passphrases used to unlock decryption and signature keys in electronic mail encryption software like PGP.