Comment by Zak

The problem there is that the primary security mechanism is enumerating badness by policing what apps users can install. That's not nearly as robust as designing the sandbox so apps can't do much harm. If toggling the setting is really dangerous, which it wasn't in this case, it should have been impossible for an app to do without some sort of special access.

I also think users should be in control of granting or denying that kind of special access, but that's a separate discussion.