Well, of course you need additional mechanisms to selectively grant programs the ability to access files, preferably with no changes to applications.
For example, your use case can be fixed with no application changes by making the kernel/glibc:
1. Switch to the proper user+program uid combination upon execve
2. Grant access to all paths listed as command line arguments
Likewise, the GTK/Qt open file dialog APIs need to be fixed to communicate with a trusted daemon that actually opens the dialogs and grants permission.
Again, someone with no clue about computers would never guess that the game they just downloaded can trash all their personal files, since it's simply absurd system behavior.
Why this isn't considered a huge security issue is a mystery to me.
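An added illustration of step 2 above (not part of the original comment, and not an existing kernel or glibc mechanism): a Python model of a launcher that derives a per-process allow-list from the command-line arguments and checks later open requests against it, resolving symlinks and `..` first. The function names and the rule that arguments starting with `-` are options are assumptions made for this sketch.

```python
import os
import tempfile


def grants_from_argv(argv, cwd):
    """Canonical paths named on the command line; these become the grant set."""
    grants = set()
    for arg in argv[1:]:
        if arg.startswith("-"):
            continue  # assumption: a leading '-' marks an option, not a path
        real = os.path.realpath(os.path.join(cwd, arg))
        if os.path.exists(real):  # only existing files/directories are granted
            grants.add(real)
    return grants


def is_allowed(path, grants, cwd):
    """True if path, after resolving symlinks and '..', falls under a grant."""
    real = os.path.realpath(os.path.join(cwd, path))
    for grant in grants:
        if real == grant:
            return True
        # A granted directory covers everything beneath it.
        if os.path.isdir(grant) and os.path.commonpath([real, grant]) == grant:
            return True
    return False


def demo():
    """Constructed sample tree: one file passed in argv, one private file."""
    with tempfile.TemporaryDirectory() as home:
        for name in ("save.dat", "private.txt"):
            with open(os.path.join(home, name), "w") as fh:
                fh.write("constructed sample\n")
        # Symlink inside the tree that points at the file that was NOT granted.
        os.symlink(os.path.join(home, "private.txt"), os.path.join(home, "alias"))
        argv = ["game", "--fullscreen", "save.dat"]  # constructed command line
        grants = grants_from_argv(argv, home)
        dotdot = os.path.join("..", os.path.basename(home), "private.txt")
        return {
            "named_file": is_allowed("./save.dat", grants, home),
            "other_file": is_allowed("private.txt", grants, home),
            "via_symlink": is_allowed("alias", grants, home),
            "via_dotdot": is_allowed(dotdot, grants, home),
        }


if __name__ == "__main__":
    print(demo())
```

Only the file named in `argv` is reachable; the symlink and `..` spellings of the other file are denied because the check compares resolved paths.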