Agreed, and we’re now in serious danger of “Okay button fatigue” or whatever you’d like to call it.
If every normal app has to ask for permission to use your disk, you’re just going to click “Okay” when malware asks. Then the whole system was for naught.
Maybe just having some groups, like Firefox's containers.
It's less secure, but a simple setup would drastically reduce the number of programs with access to important information.
So just don't do that. The application needs an "Open" dialog already so you can tell it what files to open, just have that dialog be a process run by the system instead of the application, treat the permission as implicit since the user is the one selecting the file, and pass a handle back to the application.
If every normal app has to ask for permission to use your disk, you’re just going to click “Okay” when malware asks. Then the whole system was for naught.