The system has no way of knowing who you are. It can’t tell if you’re really you, or just someone who walked by and started using your computer while you got up to go to the bathroom. If you really think the threat model is outdated, why not just run everything as root?
Also, you know you can configure sudo to not ask you for a password, right? So why do you need to use a whole new framework and privilege model to basically save yourself from typing four letters?
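The password-less sudo the comment above refers to is a sudoers rule. As an added example (not part of the thread, and not anything the commenter posted), here is the blanket form beside a scoped one; the user name `alice` and the service name `myapp` are placeholders:

```sudoers
# Drop-in file, e.g. /etc/sudoers.d/alice (mode 0440). Always validate with
# `visudo -cf /etc/sudoers.d/alice` before relying on it; a syntax error can
# lock everyone out of sudo.

# Weak: any program, as any user, no password. Anyone at the unlocked keyboard
# (or any process running as alice) is root with no further check.
alice ALL=(ALL:ALL) NOPASSWD: ALL

# Tighter: no password only for the few fixed commands alice actually needs;
# everything else still prompts. Exact paths and fixed arguments matter:
# wildcards, or commands that can spawn a shell (editors, pagers), reopen the hole.
alice ALL=(root) NOPASSWD: /usr/bin/systemctl restart myapp.service, \
                           /usr/bin/systemctl status myapp.service
alice ALL=(root) PASSWD: ALL
```

Most distributions already ship the drop-in directory via an `#includedir /etc/sudoers.d` (or `@includedir`) line in `/etc/sudoers`, so a per-user file is the usual place for this rather than editing the main file.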
The system does know who I am: the command is coming from me. An attacker doesn't need to elevate privileges to compromise me: he can steal whatever he needs without becoming root. He can replace sudo and steal my password too.
The whole concept of my personal user account needing to elevate to root to make "system" changes is a relic of long-gone days of BBSes, shell accounts, and time sharing. These days, we should minimize friction between the user (almost always singular) and operation of his system. Apps, not users, should be sandboxed.
I think this is another one of those paradigm shifts accomplished only after a lot of people retire.
Most distros already sort of elevate the initial user's permissions so they can use sound, reboot without a password etc. So this is certainly doable. But doing it system-wide would also allow "rm -rf /" (which is specifically guarded nowadays I know). It's just an additional step. It's also why on most distros the prompt turns red when you're root. I don't have an opinion regarding whether this is the right way. I have run as root in the past too. It's been mostly fine.
Moving validation to an app store is doable but it’s very costly and not a complete solution. Sandboxing is here. Multiple layers is generally better, and you can configure your system as you see fit.