Current security warning dialogs have options to Run and Cancel. If the user clicks Cancel, the application still runs, but is restricted to the sandbox, and in most cases will fail with a security exception. This failure may only be visible within the Console, so typical end users would not get any feedback, and the application or web page will just appear to be stuck.

When a user is presented with the security dialog that asks whether an app should be run, they expect that hitting Cancel will stop the execution and they do not understand that the application will still run within the sandbox. The value of the Cancel button is not understood, and is inconsistent with what other technologies provide. See (for example) this dialog: http://media.obsessable.com/media/2008/12/09/internet-explorer-security-warning-windows-xp.jpg