If it’s important to you that an application doesn’t need to cooperate, then that’s something Snap has an answer for. I don’t remember the name of it or if it got past the proposal stage, but it’s like “if an app opens a file, intercept the syscall and show a dialog.” I think it’s a disgusting solution to a non-problem (it was demoed with Firefox which has dutifully cooperated with our shit for decades). But it’s interesting :)
Omg I keep finding myself back here. It was bugging me especially that I couldn’t remember, but I found it! This is the thing: https://discourse.ubuntu.com/t/ubuntu-desktop-s-24-10-dev-cy...
Oh wow, this is a killer feature of snap. I would love to see that in flatpak, but development is slowing down: https://lwn.net/Articles/1020571/