by kaba0 1796 days ago
I’m no security researcher so do correct me if I’m wrong but I assume you use firejail which is a suid program - a bug here could cause an escape to even become root. And why would you write a sandbox in a memory safe language…

Yes, you're right to be wary of suid, but primarily against local attacks on my laptop. The suid risk for a remote attacker seems rather less than from remote malware without the sandbox. Opinions may differ.
Of course you are correct, it is better than no sandbox, I'm just saying that compared to even the now affected Android, iOS OSs, GNU/Linux is seriously lacking in terms of security.