What is Opera?
Opera is a fast and free alternative browser, made to discover.
(official statement at opera.com)
What keeps your system safe&clean from virus/malware?
Antivirus or anti-virus software (often abbreviated as AV), sometimes known as anti-malware software, is computer software used to prevent, detect and remove malicious software.
In what case a user's browser settings like default search engine would be hijacked?
You ignored or your browser / OS / antivirus software failed to notify you about a unsafe download.
Your antivirus software fails to warn you when a unsafe executable be launched and fails to protect your system from it.
When the antivirus software fails to protect the system, which means in that case your system would contain some malware or virus, would you really trust a browser to protect you when your system is insecure?
So you mean a browser shouldn't consider security at all?
Of course NOT. A browser could (and should) keep user safe when surfing the internet, which includes (but not limited to)
Suspend connection and notify user about bad certificate, to secure SSL connections
(but still, provide user a way to access it)
Warn user about a known unsafe site that may contain malware
(but still, allow user to access it anyway and prevent danger scripts to harm user's system, that's why we have sandbox in Chromium)
Warn user about a unsafe download, for example when it's a known malware
(but still, if user decide to run it anyways, it's antivirus software's job to prevent system from being damaged)
And what about locking the default search engine?
When your system is insecure, locking the default search engine means nothing.
Locking the default search engine means NOTHING
(I said it twice since it's important)
The attacker could, for example, change your DNS server to attacker's without you even know it. In that case, when you're trying to access a site (let's say Google.com) it could be resolved to attacker's site. It's not hard for the attacker to add his own certificate as trusted, so in this case https can't protect you. Your connection would be still be encrypted, but not to Google's server, to attacker's server.
Is it necessary to have some protection on search engine?
Absolutely yes. But NOT like what Opera does.
Let's take a look at what Google Chrome does about search engines:
There are build-in search engines. But you can edit them, remove them (all) as you wish.
You can add your own custom search engine, and set it as default.
So how does Google Chrome prevent unwanted change to search engine?
A extension could add a search engine, but may not override the default settings without user knowing it.
A extension couldn't be installed without user knowing it.
A extension doesn't come from Chrome Web Store will be disabled at every startup of browser (on stable/beta channels only)
In short: Google Chrome prevents search engine settings being changed without user knowing it while using the browser.
In conclusion, a browser, should offer user a safe Internet experience, but should never try to protect user's system outside the browser - We have antivirus softwares to do that.
But... but they said it's about safety
They might be trying to do so, but it's a completely pointless, meaningless move.