Run Unsafe Browser with Flatpak
We have a PoC which successfully runs Tor Browser with Flatpak with a pseudo Flatpak runtime, which consists of an overlay of our squashfs filesystem. This setup is similar to what we currently do to run the Unsafe Browser in a chroot. We might want to adapt the PoC to run the Unsafe Browser with Flatpak and get rid of our own sandboxing solution.
This would also solve #19366 because when running with Flatpak the Unsafe Browser would use desktop portals. It would also be possible to get the Unsafe Browser to use desktop portals with our current sandboxing solution but it might require some effort to reimplement more things which Flatpak already takes care of.
Edited by segfault