People download native apps all day long and they have access to hardware and nobody thinks twice. If you don't trust a website then don't allow access. It's not that much different than just not installing it if it was a native app.
So is there a push for something like this? Are there some security standards browsers are building into them to allow this? I mean to a web app the browsers IS the operating system so it would make sense to have the browser have better security around it, which would then put the power in the users hands and allow us programmers to make richer web apps.