After reading a bit on firejail and the issues with symlinks on updates, I was curious if perhaps there might be another way?
Firejail is similar to Flatpak before bubblewrap was split out in that it combines a setuid tool with a lot of desktop-specific sandboxing features. For example, Firejail knows about Pulseaudio, whereas bubblewrap does not.
The bubblewrap authors believe it’s much easier to audit a small setuid program, and keep features such as Pulseaudio filtering as an unprivileged process, as now occurs in Flatpak.
Also, @cgwalters thinks trying to whitelist file paths is a bad idea given the myriad ways users have to manipulate paths, and the myriad ways in which system administrators may configure a system. The bubblewrap approach is to only retain a few specific Linux capabilities such as
CAP_SYS_ADMIN , but to always access the filesystem as the invoking uid. This entirely closes TOCTTOU attacks and such.