Embodiments provide techniques for managing access to files on a computing system. An example method generally includes receiving, from an application, a request by a user to access a specified file on a file system through the application. A permission record is retrieved from a permission repository based on information about the application, the user, and the specified file. A determination is made of whether the user has permission to access a directory in the file system in which the specified file is located, and a determination is made of whether the application is allowed to access the specified file. Based on determining that the user has permission to access the directory in which the specified file is located and determining that the application has permission to access the specified file, the specified file is retrieved from the directory, and the application is granted access to the specified file.
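The two-part decision described above can be sketched as follows. This is an added example, not code from the page: the record fields, the in-memory repository, the path normalisation step and all names and sample data are assumptions made for illustration.

```python
import posixpath
from dataclasses import dataclass

@dataclass(frozen=True)
class PermissionRecord:
    # Hypothetical layout: the page does not define the record's fields.
    user_may_access_dir: bool
    app_may_access_file: bool

class PermissionRepository:
    """In-memory stand-in for the permission repository (assumed structure)."""
    def __init__(self, user_dirs, app_files):
        self.user_dirs = user_dirs    # user -> set of permitted directories
        self.app_files = app_files    # application -> set of permitted files

    def lookup(self, app, user, path):
        # Keyed on application, user and file; unknown principals get no record.
        if user not in self.user_dirs or app not in self.app_files:
            return None
        return PermissionRecord(
            posixpath.dirname(path) in self.user_dirs[user],
            path in self.app_files[app],
        )

def authorize(repo, app, user, requested_path):
    """Return (granted, reason); access needs BOTH checks to pass."""
    if not requested_path.startswith("/"):
        return False, "relative path rejected"
    # Lexical normalisation only ("docs/../.ssh" is checked as ".ssh"); symlinks are not resolved.
    path = posixpath.normpath(requested_path)
    record = repo.lookup(app, user, path)
    if record is None:
        return False, "no permission record"          # fail closed
    if not record.user_may_access_dir:
        return False, "user lacks directory permission"
    if not record.app_may_access_file:
        return False, "application not allowed this file"
    return True, "granted"

# Constructed sample data, not taken from the page.
REPO = PermissionRepository(
    user_dirs={"alice": {"/home/alice/docs"}},
    app_files={"editor": {"/home/alice/docs/report.txt", "/home/alice/.ssh/id_rsa"},
               "mailer": set()},
)

if __name__ == "__main__":
    for p in ("/home/alice/docs/report.txt", "/home/alice/docs/../.ssh/id_rsa"):
        print(p, authorize(REPO, "editor", "alice", p))
```

The second sample path shows why the directory check runs on the normalised path: the application holds a grant for the key file, but the user has no permission on the directory that actually contains it, so the request is denied.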