Android/iOS do sandbox user apps by default, for instance. When you run a script on Linux, it has access to everything your user has.
Access control is also more advanced, e.g. apps need to request permissions to the user. Not saying that desktop OSes are not making progress, but they are behind.
I don't know if Qubes qualifies here. Qubes runs Linux instances in VMs to compartmentalise them, but then each Linux instance has the Linux security model.
I agree with the sandboxing and permissions points, but is that related to the OS not being rooted? This is a genuine question - I'm not trying to make a point here, but to learn.
I think Qubes qualifies from a practical point of view, as modern hardware is powerful enough for it, so it's viable to run Qubes on desktop instead of a baremetal OS. I'd even go further and say there's no excuse not to run Qubes if you're familiar with Linux and can afford a compatible desktop or laptop.
Per-app sandboxing or per-OS compartmentalization is pretty similar with regards to security. There are some security and usability trade-offs, but I like the per-OS isolation model, as it's easier for several apps to share everything within a VM - that way you isolate a whole "project" more easily, as everything inside a VM is only related to that project and you assume all the apps would need access, anyway.
Android/iOS do sandbox user apps by default, for instance. When you run a script on Linux, it has access to everything your user has.
Access control is also more advanced, e.g. apps need to request permissions to the user. Not saying that desktop OSes are not making progress, but they are behind.
I don't know if Qubes qualifies here. Qubes runs Linux instances in VMs to compartmentalise them, but then each Linux instance has the Linux security model.
I agree with the sandboxing and permissions points, but is that related to the OS not being rooted? This is a genuine question - I'm not trying to make a point here, but to learn.
I think Qubes qualifies from a practical point of view, as modern hardware is powerful enough for it, so it's viable to run Qubes on desktop instead of a baremetal OS. I'd even go further and say there's no excuse not to run Qubes if you're familiar with Linux and can afford a compatible desktop or laptop.
Per-app sandboxing or per-OS compartmentalization is pretty similar with regards to security. There are some security and usability trade-offs, but I like the per-OS isolation model, as it's easier for several apps to share everything within a VM - that way you isolate a whole "project" more easily, as everything inside a VM is only related to that project and you assume all the apps would need access, anyway.