(no title)

The post does mention X's security issues. We are discussing switching to wayland but XFCE doesn't support it yet.

If we don't switch to wayland, I might add X sandboxing via a nested X server such as Xpra to sandbox-app-launcher. It's already on the TODO list.

> flatpak for sandoxing

Flatpak is not a good sandbox. It fully trusts the applications and the permissions are far too vague to be meaningful. For example, many applications come with "filesystem=home" which means read-write access to the entire home directory so to escape, they just need to write to .bashrc.

We're using sandbox-app-launcher instead.

> The way it's written looks more like marketing than anything else

Sorry for talking about our recent projects then?