You are right about USB. Thunderbolt 3 + PCI Express, on the other hand, allows very low-level memory access, and in older implementations there’s nothing the operating system can do. But then again, even if they force a specific Thunderbolt configuration to prevent DMA, it will still leave the “normal” PCIe ports as a way to access the memory outside the purview of the OS.
I know that Macron is trying to square the circle after his little stunt with the elections left France an ungovernable mess, but naming Bayrou prime minister sounds more like a move to piss off as many people as possible in the parliament than an attempt to end political instability.