Hear me out:

How about this: Instead of third-party companies installing their custom code to fuck with my operating system,

How about just having the OS offer an API that a game can request to reboot the OS into "console mode": A single-user, single-application mode that just runs that game only.

Similar to how consoles work.

That mode could be reserved for competitive ranked multiplayer only.