Aye, there's like 3-6 ways to inject code into applications on Windows, and then LD_PRELOAD (and equivalents) and attaching as a debugger on *NIX platforms. There's no way a display manager, audio server, etc. can protect themselves from clients from code injected into them - outside of completely disabling these functions that allow it (and certainly have valid use cases, if much less often than illegitimate ones).

All installations of X. X has no sandboxing. What most of these clickbait articles or concepts fail to mention is that at the very worst, you can get the same level of access that was possible before the sandboxing was added.

If an app has write access to your home folder, it has root. But with flatpak and portals, its realistic that direct home dir access will no longer be a thing for most apps.

Good point. I was imprecise in my wording.

I meant that most operating systems using X as the display server are not going to have application sandboxing.

I'm pretty sure the top level comment here was just FUD, although I assume it was well intentioned, just misunderstood.