In the Windows XP era, a freeware game or utility you downloaded turning out to be a virus was 100% your fault. It wasn’t a defect in Windows that your whole computer got owned, that was just how computers worked. Crazy to me that people want to go back there.
The push for containerization and sandboxing is in right direction if user have control over it.
By all means run the new app I downloaded in nice little box and ask me when it wants to access any file from outside of it, but if I want to I should have option to give it permission to whatever I want.
It's not so crazy if you understand that there are people who want to be able to have complete control over their own machines. These modern security measures trade that control for security.
But there are many circumstances where that tradeoff is undesirable. Perhaps the machine will never be connected to a network. Perhaps the owner of that machine is willing and able to take responsibility for the security. Etc.
XP security was atrocious, and there were already better, functional models of how to structure things out there.
Even today, no file sandboxing solution I'm aware of really properly handles more complex file formats that don't consist of a single atomic file.
Only macOS goes beyond the simple "allow the user to pick a single file or directory and that's that" model, and even then according to the documentation I found it only handles simple sidecar files that only differ in the file extension from the main file, but still breaks down for anything more complicated than that.
