I doubt it, and I don't think any other operating system can either. Not unless you remove the user from the equation.
Where an app has to go through a UAC before it can do anything outside the silo it is running in.
That's where Apple is heading with Mountain Lion, but what about stuff that turns up through the browser?
Also, I wonder if legacy requirements drag an OS down in any important ways.
True, but Apple does tend to trim legacy stuff a lot faster than many in their customer base would like: Rosetta bit the dust a version ago; before that, the Java/Cocoa bridge; and then there was the uproar when they dumped the Carbon framework.
These days, I don't think anyone would build a completely new commercial OS from scratch.