Generally, I agree and am just more strict about the software I install. If it has access to home folder etc… worst case is something like scraping keys or session / csrf and cookie info and sending that somewhere. Even if you locked it down… it could still use a system call and curl command or something to post your info somewhere.
Maybe more knowledgeable people in security would disagree but I see app specific rules almost as theater.