Just don't give those entitlements to unvetted apps, then - or require that the user solve a tricky coding challenge before they unlock the ability to grant those. It's not hard.

I think that would be in violation of court order Apple needs to comply with. For instance, they could (probably correctly) say that overriding the default web browser breaks security properties.

The whole point is that the EU wants to take away Apple's ability to vet apps, since that's created an anti-competitive situation.

I guess that's a case of the EU's regulation having negative effects on security, then!

However, this doesn't have any bearing on the argument that user freedom doesn't significantly compromise security - this just shows that the EU made a bad law.