Re: Android M will also include much finer user controls as to what apps can access
It has many ways of controlling the access. You won't need to agree to all permissions up front, the first time an app wants to use a permissive feature (e.g. contacts) Android will alert you and ask if you wish to allow it or not. If you don't allow it the app will be expected to handle the restriction gracefully and your choice will be remembered.
At any time you can see the permissions granted to an app and revoke them or you can look at a permission and see all the apps that have been granted that permission and revoke any and all of them.
The issue though is two-fold. You can't restrict Internet access by the look of it and an app compiled for a non-M api won't have the granular control.