Hacker News

charcircuit, last Saturday at 1:28 AM (5 replies)

The root account shouldn't exist either. Having god accounts is a bad idea security-wise. Instead everything should follow the principle of least privilege.


Replies

jandrese, last Saturday at 1:53 AM

The problem is how do you set up those permissions without a god object? How do you fix ones that are broken on a running system?

Ultimately the security systems that introduce high complexity in the name of fine-grained permission controls end up being the most fragile and hardest to verify. People get stuff wrong, then break it further trying to get their job done. The better system is sometimes the one that doesn’t have all of the features but is comprehensible to humans.

Elucalidavah, last Saturday at 5:28 AM

If you have a privilege to replace the kernel or bootloader, you effectively have all privileges on that system. Therefore, there's no need to complicate the access limitations when you get full access anyway.

nkrisc, last Saturday at 1:47 AM

I own the computer. The least privilege I have encompasses every privilege.

esseph, last Saturday at 2:41 AM

You should read over NIST 800-53 AC-2 and AC-6. They go over why privileged accounts are important, why they are used, and how they protect users and organizations.

JIT access should be the goal.

Scroll down to: Implementation Guidance

https://csf.tools/reference/cloud-controls-matrix/v4-0/iam/i...

cyberax, last Saturday at 1:42 AM

This sounds good in theory, but in practice it doesn't work. You always end up with an object that has all the privileges.