The most simple but also least effective sandbox type is the container or wrapper sandbox that builds an isolated process environment and then executes the target application inside.
Flatpak provides an isolated runtime environment using a container type sandbox to execute the target application inside.
… there are two issues that prevent Flatpak from providing a real sandbox environment…
Flatpak is not a sandbox
https://hanako.codeberg.page/
Thanks for the info.
Personally, I’ve been avoiding Flatpaks anyway on my main machine, but not out of security concerns. Mainly to do with size and the update frequency.
Even the author says Flatpak is a sandbox.
Just that it’s no true Scotsman, I mean sandbox.