Because permission control is what most people expect on phone application, which is another way linux has great default UX that is similar to what happens on phones.
Finally, I don’t think a mispackaged app is supposed to be able to break out of the application sandbox, unless some bug is exploited.
Unless you are referring to the fact that some app are packaged with overly-permissive default permissions. But most people can change the default permission, and only grant permissions that makes sense.