nixos comes to mind, rootless runpod, qubesos.

but they all have something in common, the issue is that your user is compromised that means the applications running in that user are compromised the only thing you gain is that you can trust your system, you can trust that your system is not compromised which is only relevant with infrastructure since if your user is compromised you're already fucked, multi-user setups with untrusted accounts are inheritly insecure and in infrastrucure the blast radius might be thousands of users that use the said service.

the breakdown looks something like this:

  - you heavily compromise a single user <- exploit not relevant
  - you compromise a shared setup via a bad user to compromise a lot of users <- should never be used anymore, namespace isolation is the replacement
  - you somewhat compromise a lot of users via infra compromise <- where this hurts