> Linux's default security mechanisms are simply too weak for something as potentially hostile as a mobile device.

Linux has SELinux as a default option which Android makes good use of, some forks more than others, and setup correctly it is better than user isolation. You could also recreate the protection user isolation provides through policy alone.