This sort of protection is not a requirement for an operation system though. For instance AmigaOS had full pre-emptive multitasking, device drivers, a windowing UI, a filesystem and all sorts of user-facing features expected of a modern operating system.
But it had no memory protection, no "kernel mode" or filesystem access rights, the hardware was fully documented and accessible to all code running on the machine.
Each program could easily take over the entire machine and do literally anything (including destroying all your data).
Multi-user capability and the idea that a user only has limited access to the computer was really a mainframe thing that leaked into personal computing during the 90s.
But it had no memory protection, no "kernel mode" or filesystem access rights, the hardware was fully documented and accessible to all code running on the machine.
Each program could easily take over the entire machine and do literally anything (including destroying all your data).
Multi-user capability and the idea that a user only has limited access to the computer was really a mainframe thing that leaked into personal computing during the 90s.