You tell the user what entitlements or permissions are being requested at the point of the app trying to use them, stop treating the users like stupid children and let them make an educated decision about how to use the hardware that they own.
There are limits on Android anyway, what your side-loaded apps can do without you using a custom ROM or rooting the device is restricted somewhat.
Have you ever seen a random windows user? Do you think Grandma understands that?
I’m all for allowing power-users to side loads apps, but average user definitely needs to be thought as a child that will use 1234 as their password, and click ‘ok’ on every pop-up without even reading it.
Require the super scary "break app sandbox" entitlements to be activated behind an adb-command-mutated flag (or whatever the iOS equivalent of adb is) after jumping through the USB debugging hoops?
There are limits on Android anyway, what your side-loaded apps can do without you using a custom ROM or rooting the device is restricted somewhat.