Sandboxing is one of the pain points of Mac App Store. I certainly would like to see sandboxing being more prevalent on the desktop, but not like the MAS way. The user should have the final say of the way in which a sandbox allows and restricts the application. Just for example, I should be able to completely trust an app with access to the filesystem, not with all the popups and confirmations, while disallowing network access from it.