While lots of this is problem of desktops in general, but:

• Linux applications can access your entire home folder, which likely contains most of your data. It can also access e.g. state of other applications, which can be bad.
• While flatpak somewhat mitigates the issues, it is half-baked: permissions are granted directly when you install the app, and user has to manually revoke the permission - Needing e.g. FlatSeal for this is insane as well. With Android/iOS, the user only grants permission when needed, which reduces lots of attack surfaces.
  • Doesn’t too many apps want your home folder access by default? If you think about it, it is a huge security issue - you basically have to trust the app to keep your secrets intact.
  • Mic access can be very problematic, esp when it would be enabled by default if app requests it. Although I don’t know to which extent this would be abused.