> The sandboxing allow a bit of isolation but this it ranks quite poorly in term of actual security benefits for the typical end users use cases.
Ranked poorly in what checklist?
> Well, not the authors of flatpak, but yes some did. On medias that many people watch such as youtube videos.
Let's try to stay on topic. The point I made was that, the author's example about Flatpak GIMP doing something unauthorized on your system applies to any package format. The differentiating factor here is that Flatpak/Flatseal allows you to sandbox the application easily and quite effectively if I may add.
yes and the point I made that usually when you are using most applications that aren't fetching content from the internet, this is to work on your data, so you have to give those applications access to your data and thus if the app is malicious it can do stuff on your data. Worse is if your application needs local files and internet access, said app can exfiltrate your data, receive payload and the fact it is sandboxed to a subset of your data doesn't change a lot compared to a non sandboxed app if this is data you cannot allow to be stolen/modified/ransomwared.
Sandboxing can limit a bit the attack surface / scenarios, but that's it.
Ranked poorly in what checklist?
> Well, not the authors of flatpak, but yes some did. On medias that many people watch such as youtube videos.
Let's try to stay on topic. The point I made was that, the author's example about Flatpak GIMP doing something unauthorized on your system applies to any package format. The differentiating factor here is that Flatpak/Flatseal allows you to sandbox the application easily and quite effectively if I may add.