Not really true. Default configuration is more permissive nowadays.
In my opinion, generally, users seek (further) restriction. Why? It's because virtualization (there's a reason why it's named that way; contrary to sandboxing) is superior in terms of compatibility with applications by default. There's a trade over restriction. And I like it that way. I could provide examples where this is noticeable-- where you may not be able to run applications at all when sandboxing.
