I took that to mean that the application doesn’t get direct access to the user’s files on the Maidsafe network, not that the application has restricted privileges on the user’s local box. E.g. If I install a MaidSafe app on my desktop, it won’t be able to access my MaidSafe files, but it could still compromise files and programs on my local machine. Am I interpreting that wrong?
If the applications are sandboxed to not have access to the user’s local files (e.g. files not stored on MaidSafe), could you explain how? Is it like the JVM or a browser sandbox, where apps have to be built entirely around the MaidSafe APIs? Or is it more like AppArmor, where you can code in any language you want and use standard system APIs freely, but have to comply with the security policy defined by the sandbox.
Also…
Going off of that video I linked a few posts ago (https://www.youtube.com/watch?v=rlj0DCa7LyU), it seems MaidSafe also provides some means for encrypted peer-to-peer connections between individual MaidSafe users?