> You could instead require the app to be part of the OS.

That almost sounds like you're advocating for the abolishment of third party or user-made apps that can make changes to the system without the approval of the manufacturer.

▲

charcircuit 3 days ago | parent [-]

This is about being able to read any file on the system including things like the user's bank authentication tokens. No 3rd party developers should be able to read bank authentication tokens. The OS should create a safer API for 3rd parties to use for the use case they want.

▲

_flux 3 days ago | parent [-]

Doesn't this just move the bucket: which processes should the OS grant access to that API?

In any case, if the purpose is to make a backup of the system, it seems the possibility to read all and every file as original as possible seems rather critical, in particular if we want to take advantage of e.g. content-based addressing -based deduplication in the backup application. And we in any case want to restore that backup to an empty computer, so there really are no places to hide the encryption keys in such a way that they cannot be read from the backup.

	▲	charcircuit 2 days ago \| parent [-]
		You don't need to backup every file. It's a reasonable compromise to require users to login to their bank again when switching to a new computer.