A neutral file system and standardized file formats are a huge part of what has made computing able to do interesting things in the past 40 years. The fact that one application can output a file, and another can open it and operate on it is basically at the core of the unix philosophy, and the reason we can have things like developer workflows.

If I, as an application author, can only work on data in ways that are intended and officially blessed by another application, we basically have the situation we have on mobile where everything is siloed, and the state of the art is limited by the imagination individual application developers.

I’m aware, and fine with the file system in general. What I do not want is web browsers having arbitrary - or even restricted - access to it.

How then are web apps supposed to become part of a more durable workflow (i.e. opening/saving/moving/backing up files) if we do not permit them the same privileges as native apps? I don't think web apps should have total control over your filesystem, but why not at least allow them to operate within a folder?

They aren't. Web apps can't be trusted with access to barely anything on your system, lest they copy it to sell as advertising. As long as the internet is fueled by advertising, essentially all web apps are adware.

Operate within which folder?

BTW both Safari and Firefox are not going to implement the File Access non-standards that Chrome pushes. They expose too much, there are no good ways to limit the exposure etc.

All today’s new tech ideas must stand up to the question of whether they are viable in a majority bad actor environment.

If they were like cars, only bulletproof armored personnel transports need apply.

The modern Internet is basically a failed state.

This is an incredibly important comment.

A welfare state works for the benefit of its people, at the cost of business. The internet is precisely the opposite.

I think that’s probably more aptly described as serfdom than as a welfare state

> File system access

How about just subfolder access? Limit facebook.com's permissions to only the user/facebook/ folder.

How about just anonymous file descriptors. It asks for a file, the user gives it one or they don't. It can't make any use of any filenames whatsoever.

That can be a better idea. (Unfortunately the HTML file input in any web browser that I have tried does not allow the user to change the file name to a different name than the local file name. This ought to be fixed.)

When it asks the user for a file, can also specify the wanted access: read, write, read+seek, or read+write+seek. Requested format can also be specified, but the user should be allowed to ignore the requested format if wanted and instead specify an arbitrary file. For writes, estimated file size can also be specified as a hint, which can also be ignored. Then the user can type in a file name, or for the non-seeking modes, a pipe is also possible. For write non-seeking, the user can specify append or overwrite. For seekable files, a pipe is not valid. For writing to files, the user can also optionally specify the maximum size that the file is allowed to have.

That's basically what file system access is like in Android, unless you give an app Storage permission. Seems sandboxed enough if no other web apps can view it.

What about iframes? This seems like a backdoor for tracking.