[chopin]

But these are applications for knowledgeable users I think which is not the type of users the GGP is talking about. For these it might be ok to ask for permission. Or to grant it automatically if you are root or sudo'ed. And many use cases could get around with allowing silently to write if the file has been previously been opened by the same application.

[quotemstr]

I will not use a system that pops up some kind of UAC-like approval dialog for every call Emacs makes to open(2).

[wlesieutre]

The OS X sandbox doesn't work that way. If you do "Open" and pick the root of your hard drive one time, the application gets and keeps access to the entire drive.

Disk scanning programs like DaisyDisk from the app store have to make you do this before they can get any information about disk usage.