
Comment by const_cast

7 days ago

Nothing really. Desktop operating systems are basically grandfathered into the modern world. They have the old-timey approach to application security. That being, applications can access everything on your computer, and there are no fine-grained permission systems.

But, for OSes that we've developed later, we kind of decided that's a problem, and applications are a vector for malware, and "trust" just isn't enough. So Android and iOS did the whole permissions thing.

Now, we've gone back and added some stuff onto desktop operating systems. Of course Linux has containers these days on desktop. Like, I'm running Firefox right now - but Firefox can only access its runtime folders and ~/Downloads. So, if there's a zero day sandbox breach, I won't get data stolen. There's also SELinux and AppArmor and stuff and you can really jump into the deep end with this.

But, we largely view it as unnecessary because we're running open-source software from trusted repositories. We probably shouldn't view it that way.