And most distributions have the permissions structure of, well, 1980's Unix.
I know it's being worked on, but it's a little crazy to think that on most Linux systems you still don't get a permissions popup when your calculator app wants to turn on your microphone. You can't grant access to your contacts or email on an app-by-app basis.
I say most because it has been largely solved on Android, for example.
You can use Flatpaks to basically solve this issue. Most applications nowadays are already available as Flatpaks, the ones that aren't probably have been reviewed by your distribution. Stick to official repositories and there shouldn't be any worries really. Of course for the average user this kind of discipline might be impossible, but for power-users out there: https://firejail.wordpress.com/
You could also play a bit with writing SELinux or AppArmor policies, although I grant that most people don't give a fuck and just want to get their computing done.
Opting for a Wayland-compliant display server instead of XOrg will also provide you with similar benefits such as preventing applications from capturing your key-presses without you knowing or recording your screen without your permission.
edit: I have no idea how I forgot about this, but immutable file systems are a thing now and they work pretty well, you can go for something such as Fedora Kinoite [0], Fedora Silverblue [1][2], OpenSUSE MicroOS [3], or VanillaOS [4] where all applications you install will be Flatpaks.
Flatpaks support this through XDG Portals, and Flatpaks are cross-distribution. They aren't the native build artifact of most applications though, and are packaged by the community.
I know it's being worked on, but it's a little crazy to think that on most Linux systems you still don't get a permissions popup when your calculator app wants to turn on your microphone. You can't grant access to your contacts or email on an app-by-app basis.
I say most because it has been largely solved on Android, for example.