Let's say we have a calendar web app that we can run in the browser, or as a chromeless popup, or downloaded as a chromeless app.
That calendar.app is a container to all the resources that conform the app, made from html, css, js and varied media (img,audio,video) in plain readable code, which has made the web safer, so everybody can poke under the hood.
That app must explicitly say what resources it will access in a config.js json file but still, all resources will be off by default, so the first time it uses a defined resource it asks the user for permission, like location, network traffic, storage, webcam, mic, etc. and it can never use any resource not defined in the config.js file so no sneaky pics from the cam if webcam is not define in the config.
The app would be sandboxed in its own installation folder and would have access only to its own storage folder, plus, as TBL suggests, a shared storage folder.
This all can be done today, we just need to put all the pieces together, so I see that vision fully implemented in the very near future.
That calendar.app is a container to all the resources that conform the app, made from html, css, js and varied media (img,audio,video) in plain readable code, which has made the web safer, so everybody can poke under the hood.
That app must explicitly say what resources it will access in a config.js json file but still, all resources will be off by default, so the first time it uses a defined resource it asks the user for permission, like location, network traffic, storage, webcam, mic, etc. and it can never use any resource not defined in the config.js file so no sneaky pics from the cam if webcam is not define in the config.The app would be sandboxed in its own installation folder and would have access only to its own storage folder, plus, as TBL suggests, a shared storage folder.
This all can be done today, we just need to put all the pieces together, so I see that vision fully implemented in the very near future.