[sp332]

Web apps run in the browser sandbox. They don't generally have access to the filesystem.

[mr_toad]

This uses the file system API, which users can use to grant read and write access to entire folders.

Malicious apps will never trick users into granting access to folders they shouldn’t, whereupon they won’t have their files exfiltrated, encrypted, and held to ransom.

[croes]

Parent writes about all applications to be web based, all appliactions without access to the filesystem are hardly possible.