Is it best (for security) to install browsers via Flatpak or via a distribution's repositories on Linux?

Duck: > Although if Flatpak starts to support the unprivileged user namespaces like you say, that would be even better, right? Yes, depending on how strict the settings are set for the flatpak. Duck: > Also, if we disable JavaScript, should we care very much about browser sandbox anyways? While JavaScript, especially JIT, is a big attack surface, you should still care about sandboxing, since there are still possible exploits in other components of the browser.