“uses regular Linux security mechanisms” is true regardless of whether any distributions you use configure them the same way or not.
The Android platform takes advantage of the Linux user-based protection to identify and isolate app resources.
As part of the Android security model, Android uses Security-Enhanced Linux (SELinux) to enforce mandatory access control (MAC) over all processes, even processes running with root or superuser privileges (Linux capabilities).
Android is Linux, and uses regular Linux security mechanisms.
That’s not the case. Android is extensively modified in order to have sandboxed applications only and restrictive hardware permissions.
Run any executable on Linux. Likely by default it can access ~/Photos and the webcam. Android doesn’t allow that
“uses regular Linux security mechanisms” is true regardless of whether any distributions you use configure them the same way or not.
https://source.android.com/docs/security/features
Android also doesn’t require root for basic functionality