> If it could automate removing unused permissions, tell us if someone tries to use a removed permission, and shows us reports of both, that would certainly fit well into the second way.
Automatic changes are ticking time-bombs which rarely have any place in production. And this particular example would break production very quickly. For example, a system that performs daily and monthly reports will break when the automated system removes the permissions it uses only once a month.
If you grant no permissions ever, by default... you don't even have to worry about anything other than the permissions you gave. The challenges to doing this are three fold
1. Operating Systems like Linux, Windows, etc... aren't designed to do this, and can't without a design change.
2. Applications need to be reworked a bit so that they are given file handles instead of telling the OS what files to open. It can looks the same to the user if done correctly.
3. The adoption curve is long on this one.... but systems like Genode are getting there... I look forward to using it sometime in the next year for experimenting.
Automatic changes are ticking time-bombs which rarely have any place in production. And this particular example would break production very quickly. For example, a system that performs daily and monthly reports will break when the automated system removes the permissions it uses only once a month.