> I think the permissions model for desktop and laptop computers is way too permissive to begin with

Well, if you feel that way, they do make platforms that sound like a better fit: iPad, iOS, even Android kinda fits that mold. I would call them "toy computers" but that is my bias. It's not a real computer to me if I am not even in control of what code runs on it.

Ah, I can see what you’re getting at. There is actually a system which is a better fit for me, which is the Mac. I can still run the software I want on it, and even though the security model isn’t tight enough, it’s improving.

Linux is also doable, but there’s extra work involved with setting up separate user accounts for running specific pieces of software, configuring namespaces for those processes, that sort of thing. But this is backwards. I’d rather start with a secure default state and have to configure exceptions. Back in the day I could get that from SELinux strict policies but it seems like those have fallen by the wayside.