crinkly 2 days ago

Er, that's exactly how macOS works already. The App Sandbox stuff bounces through the kernel if something asks for access and you can say "no thanks". It's basically a proper Mandatory Access Control framework.

And the apps themselves are shipped in isolated bundles containing all their resources, which may include other binaries/libraries etc.

JustExAWS a day ago

It’s only how App Store apps work.

There is nothing stopping a popular video conferencing app that you install from the web from surreptitiously installing a web server on your computer leading to a security vulnerability.

https://michael.team/zoom/

crinkly a day ago

It’s not. They changed a lot of stuff in Sequoia. I know this because it broke something I rely on and I had to go fix it. It can’t even open a file without the correct entitlements and code signing done and permission granted by the end user.