I think this is an interesting discussion. Thanks for the links you provided.
Just to be clear, security isn’t a binary thing; hell, it’s not even a sliding scale. It’s completely multidimensional, dependent on your particular threat model. For the sake of argument, sandboxing may be weaker, but if a Flatpak means you get faster updates, it becomes a pros and cons consideration.
UBlue is not alone in making the decision to ship Firefox as a Flatpak; MicroOS is also doing the same. If you are worried about it being a bad call for your threat model, it’s actually pretty easy to layer Firefox back into Bazzite and use the Fedora packaging, free of the Flatpak sandbox issues.
I’d love to see an actual open security vulnerability around exploiting the weaker sandbox. I don’t know if it’s just theory at this point or if security researchers have a working proof of concept.