I’m not super familiar with Apple as I am with Android so take what I talk about iOS with a grain of salt, and Macos with a shovel of salt.
Android permission model is a bag of different layers, and some specific permissions have shifted to more strict layers over the years. For example, in the beginning all apps had a private space that other normal apps could never get into, and public space that everyone would be able to read and write provided they made such “request” at download time. For some time after that I think they moved it to next level, so you " requested" that both at download time AND with a pop up to the user. Currently you have to do all that AND not be a normal app and fill some forms and Google has to agree with you.
Camera, microphone and GPS has been for a long time in the middle tier of requesting at download time and with pop up, for both Android and iOS. But I think not on Mac os, and certainly not on Linux, with the exception of browsers, that have their own security models rolled up on top of whatever their os imposes, since they execute code from total strangers every time you open a page for the first time.
Some permissions like send and receive Internet data are still in the lightest tier, only asked at download time, for both Android and iOS.
I recently wanted to put my Linux obsidian without Internet access, and had to learn how to do that with a script that calls bwrap that in its turn calls obsidian. I wasn’t comfortable otherwise, because I wanted the freedom to run as many community plugins as I wanted, and this is strangers javascript code running in my machine, and I didn’t want it accessing random folders and uploading things.
If I ran vscode I’d do the same, since I’m not familiar with the vetting process for its plugins. Same for gimp, but I never needed plugins in it.
I’m not super familiar with Apple as I am with Android so take what I talk about iOS with a grain of salt, and Macos with a shovel of salt.
Android permission model is a bag of different layers, and some specific permissions have shifted to more strict layers over the years. For example, in the beginning all apps had a private space that other normal apps could never get into, and public space that everyone would be able to read and write provided they made such “request” at download time. For some time after that I think they moved it to next level, so you " requested" that both at download time AND with a pop up to the user. Currently you have to do all that AND not be a normal app and fill some forms and Google has to agree with you.
Camera, microphone and GPS has been for a long time in the middle tier of requesting at download time and with pop up, for both Android and iOS. But I think not on Mac os, and certainly not on Linux, with the exception of browsers, that have their own security models rolled up on top of whatever their os imposes, since they execute code from total strangers every time you open a page for the first time.
Some permissions like send and receive Internet data are still in the lightest tier, only asked at download time, for both Android and iOS.
I recently wanted to put my Linux obsidian without Internet access, and had to learn how to do that with a script that calls bwrap that in its turn calls obsidian. I wasn’t comfortable otherwise, because I wanted the freedom to run as many community plugins as I wanted, and this is strangers javascript code running in my machine, and I didn’t want it accessing random folders and uploading things.
If I ran vscode I’d do the same, since I’m not familiar with the vetting process for its plugins. Same for gimp, but I never needed plugins in it.