Sounds nice! It seems like the only "sandbox security engine" at the moment is the Flatpak one, right? Could someone explain to me what kind of sandboxing it brings?<p>For instance, can it be used to sandbox the clipboard, such that a sandboxed process cannot read the content of the clipboard without the user authorizing it?<p>And what else does it sandbox? Without this, can arbitrary processes "look at the window" of any other arbitrary process (and e.g. read the text rendered there)?