Network access can be used to expand an existing local vulnerability into a remotely exploitable one, or can be used to leak information remotely.
However, it’s also needed by a significant proportion of apps for legitimate purposes.
Therefore, presenting it as a safety warning is not particularly helpful, as it means very few apps ever get labelled as ‘safe’, and most get labelled as ‘potentially unsafe’ due to their network permission. This reduces the utility of the labelling system to the user.
Instead, label the network access permission as ‘safe’ in the context tile, but neutral (grey) in the dialog.
This is similar to what Android does. In Android, apps are required to request the internet permission in their manifests if they access the internet, but the user is never prompted about that permission. It’s considered a ‘normal permission’. See https://developer.android.com/training/basics/network-ops/connecting.
Signed-off-by: Philip Withnall pwithnall@endlessos.org