As a rule, the fact that some applications do something unwanted (malicious activity, data collection, etc.) is discovered either as a result of analysis performed by security experts, or when an antivirus is triggered. This happens because operating systems do not limit the permissions strongly enough.
For example, if the user opens a file when using a program, this program is granted sufficient rights to view other files located in some area of the file system and / or is marked with appropriate access rights. Opening a web page means that the application is now capable of sending as many random requests as possible. Keyboard capturing is usually allowed based on the all-or-nothing principle, even if you only need to reassign one key.
We believe that before defining the privileges a program would require it is vital to answer the question ‘What does this program do?’ first. In Sivelkiria, every module has a clearly described task, which defines its access rights. It is not allowed to make system calls and interact with other modules unless required to complete that module’s duties.