Firejail sandboxing works well on these scenarios. You can trivially grant more or less privileges, including the removal of the entire sandbox if you wish.
It actually ships with rulesets for hundreds of programs that tend to be quite polished and work out of the box.
Personally, I dislike flatpak because it doesn't let me control the dependencies of packaged software, and I feel we loose one of the most important advantages of Linux.
It actually ships with rulesets for hundreds of programs that tend to be quite polished and work out of the box.
Personally, I dislike flatpak because it doesn't let me control the dependencies of packaged software, and I feel we loose one of the most important advantages of Linux.