In a post today on Microsoft's Building Windows 8 blog, program manager John Hanzen took a deep dive on two topics that are set to separate the platform's Metro style apps apart from every Windows app before them: installation and permissions. It's no secret that Microsoft is pushing Windows' app ecosystem in the same direction that Windows Phone, Android, iOS, and OS X have all gone in recent years — away from the classic free-for-all and toward a central clearinghouse — and that means that the policies and techniques that developers deal with will be changing (and by all appearances, simplifying tremendously).

On the Windows Store experience, Hanzen notes that apps in the Store will provide one-click installs, continual monitoring of crashes, and collection of user feedback — and devs don't need "a single line of installation code to make this magic happen." Once an app is installed, Windows keeps an eye on it and offers a replacement install from the Store if it detects any corruption.

Metro apps are pretty tightly sandboxed, and apps submitted to the Windows Store need to declare many types of capabilities that they use — not unlike Google Play's permissions list. Examples in Windows 8 of requestable permissions include access to different types of media libraries, access to the network, and access to certain portions of a user's profile; by default, an app will have none of these, though network access is common enough that Microsoft's developer tools have a pre-built template for it.

The age of the app sandbox on the desktop is here to stay

Windows 8 features a specific SDK for Metro style apps, but perhaps the most interesting thing about Hanzen's post is the fact that developers can't be entirely stopped from working around the SDK and using unsupported APIs — it's a direct violation of the Store's terms to use them and "hide or obfuscate" their use, but as we've learned time and time again from mobile app stores, violators do slip through from time to time. Going outside the Metro sandbox "ultimately undermines the expectations that customers have for your app," Tanzen says. Whether the bulk of developers agree and produce high-quality Metro style apps out of the gate without "cheating" remains to be seen, and probably depends in part on how complete of a Metro-specific SDK Microsoft delivers on day one.

At any rate, Microsoft's latest dispatch to Windows 8 developers makes one thing clear: the age of the app sandbox on the desktop is here to stay.