> I'm expecting Windows to move towards a more sandboxed experience as well
It already does to some extent.
Internet Explorer was the first to introduce it (to my now out of date understanding), and it's since expanded to other products including shipped Windows apps, Office, etc.
It happens invisibly for the developer, if you think the registry that you access is THE registry then you're wrong. It's a proxy that you access, and the proxy has a view on what you will see or not.
Basically, you the user get the choice, but by default your apps, the things they open, are all sandboxed and protected. For compatibility reasons you can currently choose to override this, but as you might expect group policy can be used to disable someone's ability to lower their security.
Actually, Windows 8 apps are sandboxed too. Take a look at the Microsoft requirements to distribute a new Metro-Style app through their own app store. Same sandboxed requirements. Microsoft must approve and developers must justify any access to resources outside the standard sandbox set.
Yes, but the desktop experience and apps will still be a big part of Windows 8 unless you're running it on an ARM tablet. Microsoft will happily link to your native non-sandboxed app from their App Store.
It already does to some extent.
Internet Explorer was the first to introduce it (to my now out of date understanding), and it's since expanded to other products including shipped Windows apps, Office, etc.
It happens invisibly for the developer, if you think the registry that you access is THE registry then you're wrong. It's a proxy that you access, and the proxy has a view on what you will see or not.
An example mention of this is here (one of the first Google hits): http://office.microsoft.com/en-us/access-help/enable-or-disa...
Basically, you the user get the choice, but by default your apps, the things they open, are all sandboxed and protected. For compatibility reasons you can currently choose to override this, but as you might expect group policy can be used to disable someone's ability to lower their security.