
Checklists are fine if you have a fixed problem space. Just to go by your example - aviation safety is a mostly fixed problem space you can make mitigations in. Any item on the checklist would be there to mitigate safety issues almost any aircraft would encounter (and I'd imagine there are specific checklists for e.g. passenger vs. cargo aviation).

"Linux security" is not a fixed problem space. Not at all. And that's precisely my problem with this - this checklist pretends that it's a fixed problem space, and therefore grossly misrepresents the problem.



My point is that most problem spaces can be split into fixed and non-fixed portions. Aviation safety has plenty of problems that require a real person to make a call and react intelligently, which is why we still have pilots. Checklists are used to cut down on the entirely avoidable problems that might be missed some percentage of the time otherwise.

There are plenty of things in Linux security that are static solutions that can be employed almost all the time, such as not allowing direct access to root accounts, always running a local firewall, making sure remote services aren't run as root without dropping privileges, etc.



