The problem isn't the sandbox, it's inherently the issue with lack of fine grained permissions and being unable to revoke permissions after installation.
Wanna see a real permission model, look at the BB10 Android Player model. After installation, you could revoke permissions and the player would basically act as if the data from that permission was just empty. App asks for contacts, here's an empty contacts list.
Edit: I just did a small hackathon and ended up having to request full BLUETOOTH Access and LOCATION access to connect to a label printer... how is this long term sustainable.
This is just Android being transparent. "Bluetooth usage may allow apps to track your location." Which is perfectly true.
There has to be a balance between explaining to the user, e.g. that there are multiple ways their location can be tracked, and permission request overload.
I don't imagine explaining to everyday users the details of the Bluetooth protocol is viable.
Wanna see a real permission model, look at the BB10 Android Player model. After installation, you could revoke permissions and the player would basically act as if the data from that permission was just empty. App asks for contacts, here's an empty contacts list.
Edit: I just did a small hackathon and ended up having to request full BLUETOOTH Access and LOCATION access to connect to a label printer... how is this long term sustainable.