Is the Flatpak sandboxing actually secure, though? Or does it work like a charm because most of the security enforcement is disabled in practice?
Allegedly [1] a lot of popular packages use "--filesystem=host", which completely defeats the security of the sandbox by granting access to the user's home directory (i.e., it allows arbitrary code execution through modification of configuration files).
I think I would rather trust the browser's sandbox, where sandboxing has been in place from the start and applications are designed for it.
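Added illustration, not written by either commenter above: the "--filesystem=host" grant referred to here ends up in the app's metadata as a filesystems= entry under [Context], which is exactly what `flatpak info --show-permissions <app>` prints. The POSIX shell below parses that format and flags host/home grants (distinguishing read-only ones). The two metadata samples and the app id org.example.Editor are constructed for the example; to check a real install, pipe the output of `flatpak info --show-permissions` into it.

```shell
#!/bin/sh
# Added example (not Flatpak project code): audit the filesystems= line of
# Flatpak app metadata for grants that expose the whole host or the home dir.
# Input format is the one `flatpak info --show-permissions <app>` prints
# (also used by per-app override files, where "!host" revokes a grant).

# broad_grants: read metadata on stdin, print each host/home grant, one per
# line, keeping any :ro/:rw/:create suffix so the caller can see the mode.
broad_grants() {
    awk -F'=' '
        /^\[/ { sec = $0 }                       # track the current section
        sec == "[Context]" && $1 == "filesystems" {
            value = substr($0, index($0, "=") + 1)
            n = split(value, entries, ";")
            for (i = 1; i <= n; i++) {
                e = entries[i]
                # skip empty trailing entry and "!path" revocations
                if (e == "" || substr(e, 1, 1) == "!") continue
                path = e
                sub(/:(ro|rw|create)$/, "", path)   # drop the mode suffix
                if (path == "host" || path == "home") print e
            }
        }'
}

# is_leaky: exit 0 if stdin metadata grants *writable* host or home access,
# i.e. the app could rewrite dotfiles such as ~/.bashrc; exit 1 otherwise.
# A "home:ro" grant still leaks data but is not flagged as writable here.
is_leaky() {
    broad_grants | grep -v -q ':ro$'
}

# Constructed sample: an app built with --filesystem=host.
SAMPLE_LEAKY='[Application]
name=org.example.Editor
runtime=org.freedesktop.Platform/x86_64/23.08

[Context]
shared=network;ipc;
sockets=x11;wayland;
filesystems=host;xdg-config/fontconfig:ro;'

# Constructed sample: the same app restricted to the portal-style subsets.
SAMPLE_TIGHT='[Application]
name=org.example.Editor
runtime=org.freedesktop.Platform/x86_64/23.08

[Context]
shared=network;ipc;
sockets=wayland;
filesystems=xdg-documents;xdg-config/fontconfig:ro;'

# Stand-alone demo on the constructed samples.
for name in SAMPLE_LEAKY SAMPLE_TIGHT; do
    eval "meta=\$$name"
    if printf '%s\n' "$meta" | is_leaky; then
        printf '%s: writable broad grant(s): %s\n' "$name" \
            "$(printf '%s\n' "$meta" | broad_grants | tr '\n' ' ')"
    else
        printf '%s: no writable host/home grant\n' "$name"
    fi
done

# Against a real install (not run here):
#   flatpak info --show-permissions "$app" | is_leaky && echo "$app is leaky"
# and to take the grant away per user without rebuilding the app:
#   flatpak override --user --nofilesystem=host "$app"
```

The override command only removes the blanket grant; an app that genuinely needs files will then have to go through the document portal, which is the usability trade-off the next comment is talking about.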
It's true many flatpaks are still leaky to match usability expectations. We don't know how to devise proper information partitioning schemes, or aren't willing to accept the ones we come up with.
Ultimately it comes down to who you trust the most. Do you trust your cloud provider to not look at your data and sell you off or do you prefer trusting your local application to not fuck around where it shouldn't?
[1] https://flatkill.org/2020/