Additional note to the mentioned above: snap use apparmor to secure their apps whereas in comparison to flatpak use bubblewrap.
AppArmor
AppArmor profiles are generated for each command. These have the appropriate security label and command-specific AppArmor rules to mediate file access, application execution, Linux capabilities, mount, ptrace, IPC, signals, coarse-grained networking.