Yes, you're right to be wary of suid, but primarily against local attacks on my laptop. The suid risk for a remote attacker seems rather less than from remote malware without the sandbox. Opinions may differ.
Of course you are correct, it is better than no sandbox, I'm just saying that compared to even the now affected Android, ios OSs GNU/Linux is seriously lacking in terms of security.