GrapheneOS is a locked-down, security-hardened system that's good if you need absolutely maximal security (e.g. journalists, activists, folks targeted by state actors). LineageOS is a more of an open system for tinkerers who want to play outside Google's walled garden.
You can have root to control your own device on Lineage, but not Graphene.
> I stand corrected. Still, as you say, less point in it since it breaks their security model.
It breaks the entire point of the security model on ALL android devices. It isnt recommended on any Android distribution. It doesnt matter if its LOS or GOS
Not having root prevents me from taking proper backups that include app data, it prevents me from using Aegis to import TOTP codes from Authy. I get that on some abstract level it is more "secure" from any malicious software that might find its way onto the device, but the practical upshot is largely obstructing the user from using the system.
Have you ever had to work on a locked-down machine at an office? I don't need Google or Graphene to play IT department for me.
As I'm sure you're aware, SeedVault won't backup app data if the app authors have opted out of it. Again, this is an example of a system serving masters other than the device's owner.
It's not really locked down. You can toggle or enable some of the more activist-orientated features. The only limitation I'm aware of is that some apps requiring the strongest Play Integrity setting (ChatGPT, some banks, very few airline apps) just won't work on GrapheneOS.
You can have root to control your own device on Lineage, but not Graphene.