Re: android already does this
Not really. Inter-application communication has very tight granularity, but application-to-phone permissions are still quite big buckets:
http://developer.android.com/reference/android/Manifest.permission.html
It's a little odd as there are a few very fine-grained permissions, while most are very large buckets. eg location info has several different permissions, while others let the app do pretty much whatever it wants to "X".
It's still not possible to deny an application a permission while still running it, or alter permissions after installation - for example, almost every social network app seems to want GPS location. What if I don't want it to have my location but am happy for everything else?
Or even more common, I'm happy for it to use the Internet but not for it to use my phone or SMS/MMS. When abroad it's easy to kill Internet, but not possible to kill phone/SMS/MMS.