jbverschoor 2 hours ago
1) can access/write local files?
2) can access/write a specific folder?
3) can access network?
4) can access gateway/internet?
5) can access local network? (vlans would help here)
6) give access to USB devices
7) needs access to the screen? -> give framebuffer access / drawing primitive
8) Need to write? Use an overlay FS that can be checked by the host and approved
9) sub processes can never escalate permissions

By default: nothing. But unfortunately, it’s always by default allow. Also, make it simple to remove the permissions again.