by upofadown 1573 days ago
>desktop linux distros grant any process trivial access to elevate to root as there is no sandboxing model.

That "trivial" access would have to be an actual exploit. The software in a typical Linux system is not actively attacking the user as the proprietary software in a typical smartphone is. The need for sandboxing is much less.

Last I heard Android mostly depended on the Unix security model as implemented by Linux for isolation where each program was run as a separate user. The same sort of local privilege escalation exploits would work on Android as well. Things like Docker containers are susceptible to those sorts of exploits as well. You need actual virtualisation to have any sort of defence against that sort of exploit. That's what Qubes does.


There's a lot more to the Android app sandbox than just running processes as separate users. Theoretically something similar could be implemented in some other 'typical Linux system'. It would be a huge undertaking. If you are thinking about security you need to consider not only malicious apps, but possible attack vectors opened up by any application. This paper is a couple of years old; it explains how it all works on Android: https://arxiv.org/abs/1904.05572