Raymond Chen (at Microsoft), for example has written repeatedly about incidents he spent lots of time investigating where your first instinct is "That's not a bug" and the eventual outcome was "Yup, that's not a bug" but it was a security ticket and so Raymond doggedly chased down every aspect to make sure it isn't a problem.
He mostly invokes the Hitchiker's Guide quote "It rather involved being on the other side of this airtight hatchway" to suggest that often the problem in these bugs is that they have a step where you've legitimately got privileges, and then they use those privileges to... do something you legitimately need privileges for. That's not a bug, if you try it without the privileges it doesn't work, but Raymond has to walk through all the steps seeing whether anything surprising is going on.
Now, whether engineers at a corp actually get given the space to do this stuff is an executive policy decision. Maybe at Apple not enough of them do, I can't say. But if it doesn't get done you are sooner or later going to miss cases where it _sounds_ like it's not a bug but actually there's a serious bug if you looked closely.
He mostly invokes the Hitchiker's Guide quote "It rather involved being on the other side of this airtight hatchway" to suggest that often the problem in these bugs is that they have a step where you've legitimately got privileges, and then they use those privileges to... do something you legitimately need privileges for. That's not a bug, if you try it without the privileges it doesn't work, but Raymond has to walk through all the steps seeing whether anything surprising is going on.
Now, whether engineers at a corp actually get given the space to do this stuff is an executive policy decision. Maybe at Apple not enough of them do, I can't say. But if it doesn't get done you are sooner or later going to miss cases where it _sounds_ like it's not a bug but actually there's a serious bug if you looked closely.