Comment It already exists (Score 1) 584
It's called a Java applet: every applet either runs within a very strict sandbox (even stricter than JavaScript itself, by the way), or the application manifest must declare and request any further access. Even better, this is only allowed if the application has been digitally signed by the software vendor.
In practice it never worked, because:
- 1) The default rights could be modified by the user, which meant that the vendor was never quite sure what was going to happen practically at run-time;
- 2) As a consequence, application vendors never bothered to use individual permissions: they requested "full access right" and dammit. Even Sun (I mean Oracle) demos do exactly that;
- 3) Anyway, users had no idea what "accessing local files" meant, and just blindly clicked on "agree" as usual;
- 4) And even if vendors really tried hard to play it nice, what was actually allowed by default, how to practically request additional privileges, and how to provide the signature: all these got modified through each major version of Java during the early days, and therefore everybody just gave up (even though it is very stable by now, nobody cares anymore).