• InnerScientist@lemmy.world
    7 upvotes · 20 days ago

    Define “sandboxed”

    Application can only access a limited part of the system? = use Flatpak or build a container/VM image using the Nix pkgs.

    Application can be uninstalled completely and has separate libraries? I prefer Nix.

  • thedeadwalking4242@lemmy.world
    6 upvotes, 1 downvote · 20 days ago

    Nix apps are not sandboxed and you have no control of what resources they have access to or don’t, unless you wrap them with some other program.

    • LalSalaamComrade
      2 upvotes · 20 days ago

      They can be isolated because Nix has in-built support for three different levels of sandboxing - virtual machines, containers as well as ephemeral shells.

  • Noxious@fedia.io
    5 upvotes · 20 days ago

    I’d say Nix requires some experience, so if you are new to Linux, definitely go with Flatpak. I believe Flatpak also provides stronger sandboxing.

  • aarroyoc@lemuria.es
    4 upvotes · 20 days ago

    Flatpaks are easier to use in most distros. If you’re using NixOS, then Nix of course. But if you want to do a lot of CLI stuff, then Nix may be better too.