A user may supplement the functionality of his or her computing device by downloading a program from an online marketplace of programs. In many environments, an administrator of the marketplace may attempt to vet the programs that it offers to ensure that the programs do not pose an undue security risk to the end users. Nevertheless, some of the programs may still perform activities that may compromise the security of the users' private information. For example, a program that runs on a smartphone can access the location of a user, which is provided by a GPS mechanism of the smartphone. The program may then forward the private information to various entities, such as a social networking website.
To address these issues, the industry has proposed various safeguards. In one approach, a program developer or other agent may prepare a manifest that describes the resources that a program may access when it executes. A user may inspect such a manifest to determine whether it is appropriate to install and run the program. Alternatively, or in addition, a runtime environment can be configured to provide a dialogue which prompts the user whenever a program seeks access to private information, such as location information provided by a GPS mechanism.
However, these mechanisms do not provide a generally satisfactory solution to the above-described security risks. For example, these mechanisms may not provide enough reliable detail regarding a potential threat to enable the user to make an informed decision regarding whether to execute a program which accesses private information.