It would be fantastic for an OS to mandate a particular type of installation (oh how I miss dragging app packages from a .dmg into my Application directory & being done with it) while preventing anything else.
A lot of desktop software devs are averse to anything but old-style full access to everything all the time, but yes, I agree. Most software has no good reason to put files anywhere outside of its own application bundle and ~/Library/Application Support/<Program Name>/.