> Yes, I understand that it's a pain for new Chrome developers to have to understand the permission system among other things. I liked the easy ACLs of Chrome when I started.

That's a good thing IMO. Anyone who doesn't understand permissions and how to handle them, shouldn't be able to release anything in any app store.

You probably knew this, but you can write and distribute Chrome extensions without having to upload them to the chrome app^Wweb store.

Second, I've tried to work twice with Doing-It-Right (i.e., fine-grain) permission systems. Once with apparmor and earlier with SE Linux. With AppArmor, I wanted to set up rules to prevent Skype from reading any except a couple of directories. The sheer number of permissions I had to configure was exhausting and I gave up. Maybe I missed something simple, but that's why I'm not clamoring for the current simple, but coarse-grain permission system to be abandoned.

Well yes, grown-over-time permission systems are also at fault when it comes to the lack of security in third party extensions/apps. IMO unix is still the standard in terms of simplicity and power of permissions - if the system architect separates concerns correctly into different base entities ('files'), the permission system just falls into place. You know what other system did this pretty much perfectly? Lotus Notes. Yes, I'm serious - it's a document based DBMS with per-document permissions where everything is a document, including the application design, contacts, logs, calendar entries. Too bad its UI is still stuck in the early 90ies.