There are about a half dozen permissions that are regularly abused by malware. These permissions are also extremely useful for a ton of completely legitimate features.

I am pretty confident that if Google had enabled this policy only for apps which use these permissions that the community would still be upset.

So no access to SMS for apps distributed on F-Droid?