I was reading some articles on the web and found this one:
Basically, it describes a mechanism to restrict privileges and sandbox
any application by providing
whatever GUI dialog boxes need to run for any given application.
Mainly, it creates an easy-to-use, transparent way of sandboxing applications by default.
Maybe we could do something similar in KDE.
Currently, most GUI applications run with "user privilege",
which means any app can see any file in your $HOME directory
or mess with it.
I know that currently no one is really exploiting this,
but it might be an issue at some point in the future.
I know most people have backups,
but that doesn't protect against
your backups or sensitive data being sent to some hackers or an evil adware company in the future.
For instance, if you open an application,
this application cannot read/write any file unless it's allowed to,
so you have to configure which config files and shared libraries must be allowed by default.
If you want to open a file, say "file.txt", via an "open dialog box",
only that file is allowed to be opened by that application, and only for reading.
The application is allowed to write
only when you go through a "save dialog".
Therefore, if you are viewing file.txt, the application should not be allowed to open file2.txt
unless an explicit GUI dialog allowed it to do so or unless you authorized it explicitly.
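The dialog-mediated file access described in the post is usually built as a trusted broker (sometimes called a "powerbox"): the sandboxed application never names a path itself, it only asks the broker for an open or save dialog, and the broker hands back a file descriptor for exactly the file the user picked, opened with exactly the access mode that dialog implies. The descriptor is the capability. The following is an added example written for this page, not code from the original post, from KDE, or from the article the post refers to. It assumes Python 3.9+ on Linux (for `socket.send_fds`/`recv_fds`) and stands in for the user's dialog choice with a scripted `choose` callback; the kernel-side confinement that stops the application from simply calling `open()` on `$HOME` itself (namespaces, seccomp or similar) is assumed to exist and is not shown.

```python
"""Minimal "powerbox" file broker: the open/save dialog opens the file, the
sandboxed app only ever receives a file descriptor over a Unix socket."""
import errno
import os
import socket
import tempfile
import threading


class DialogBroker:
    """Trusted side: plays the role of the open/save dialog.

    `choose(kind)` stands in for the user's pick in the dialog and returns
    a path, or None if the user cancelled.  The application never sees the
    path; it only gets a descriptor opened with the mode the dialog implies.
    """

    MODES = {
        "open": os.O_RDONLY,                            # open dialog: read only
        "save": os.O_WRONLY | os.O_CREAT | os.O_TRUNC,  # save dialog: write
    }

    def __init__(self, sock, choose):
        self.sock = sock
        self.choose = choose

    def serve_one(self):
        kind = self.sock.recv(16).decode()
        if kind not in self.MODES:          # the app cannot ask for a path, only a dialog kind
            self.sock.send(b"ERR bad request")
            return
        path = self.choose(kind)
        if path is None:                    # user cancelled: the app gets nothing
            self.sock.send(b"ERR cancelled")
            return
        fd = os.open(path, self.MODES[kind], 0o600)
        try:
            socket.send_fds(self.sock, [b"OK"], [fd])   # pass the fd itself (SCM_RIGHTS)
        finally:
            os.close(fd)                    # the app now holds its own copy


class SandboxedApp:
    """Untrusted side: can only request a dialog and use what comes back."""

    def __init__(self, sock):
        self.sock = sock

    def request(self, kind):
        self.sock.send(kind.encode())
        msg, fds, _, _ = socket.recv_fds(self.sock, 64, 1)
        if not msg.startswith(b"OK"):
            raise PermissionError(msg.decode())
        return fds[0]


def run_demo():
    """Scripted session (constructed data); returns what the app could do."""
    with tempfile.TemporaryDirectory() as workdir:
        file1 = os.path.join(workdir, "file.txt")
        file2 = os.path.join(workdir, "file2.txt")   # exists, but the user never picks it
        with open(file1, "w") as f:
            f.write("hello from file.txt\n")
        with open(file2, "w") as f:
            f.write("secret\n")

        # Constructed user behaviour: pick file.txt in the open dialog, cancel
        # the app's second open dialog, then pick out.txt in the save dialog.
        script = [file1, None, os.path.join(workdir, "out.txt")]
        broker_end, app_end = socket.socketpair(socket.AF_UNIX, socket.SOCK_STREAM)
        broker = DialogBroker(broker_end, lambda kind: script.pop(0))
        t = threading.Thread(target=lambda: [broker.serve_one() for _ in range(3)])
        t.start()

        app = SandboxedApp(app_end)
        results = {}

        fd = app.request("open")                      # user chose file.txt
        results["read"] = os.read(fd, 100).decode()
        try:
            os.write(fd, b"tamper")                   # fd came from the open dialog: O_RDONLY
            results["write_to_readonly"] = "allowed"
        except OSError as e:
            results["write_to_readonly"] = "denied:" + errno.errorcode[e.errno]
        os.close(fd)

        try:
            app.request("open")                       # user cancels: no second file
            results["second_open"] = "granted"
        except PermissionError as e:
            results["second_open"] = str(e)

        fd = app.request("save")                      # user chose out.txt in the save dialog
        os.write(fd, b"saved by app\n")
        os.close(fd)
        with open(os.path.join(workdir, "out.txt")) as f:
            results["saved"] = f.read()

        t.join()
        broker_end.close()
        app_end.close()
        return results


if __name__ == "__main__":
    print(run_demo())
```

The design point is that `SandboxedApp.request` takes only a dialog kind, never a path, so file2.txt is unreachable not because a filter rejects it but because the app has no way to name it; and because the open dialog hands out an `O_RDONLY` descriptor, a later write attempt fails in the kernel with `EBADF` regardless of what the app does. Write access exists only for the descriptor the save dialog produced.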