Despite popular belief, Linux distributions are not immune to security issues due to the complexity of software stacks and the potential for bugs. While the server world has embraced sandboxing to mitigate exploits, many popular desktop Linux distributions, including Debian, Fedora, Ubuntu, Arch, and Gentoo, lack proper sandboxing, leaving users vulnerable to potential attacks. ChromeOS, on the other hand, implements various technologies to keep Chrome in its own world, minimizing the attack surface and following the principle of least privilege. There is a need for improvements in Linux sandboxing, as current popular approaches such as Flatpak and Firejail have their own criticisms.
https://bjornpagen.com/en_US/desktop%20linux%20is%20insecure