I would argue that the legacy OS and app architecture we have on desktop OSs doesn't make sense there, either.
It's a model that worked fine in multi-user setups where you ran a single executable, so that the security per user was meaningful, but today it just sucks.
Android is quite elegant in reusing the Linux kernel's permission system, but on a granularity that actually makes sense (apps are started as separate users, and they just elevated their concept of user a level higher).
macOS grants processes permissions, eg terminal is allowed access to ~/Photos but Whatsapp is not. Seems like a decent evolution of things.