I apologise for my semi-optimal build of sentences. The phrase ‘kinda’ shall indicate that it is not 100% immutable since e.g. software gets installed by the user. The line in question was supposed to include the aspects of the paragraphs above like App installation never on root. 
And you are absolutely correct in advising that being only itself is already a risk. 
1 Like
I get what you mean, and to be fair: I have two laptops where the flatpaks are installed the --user, yet my main machine has a testing account “beheerder” which holds no essential data, and of course a “knurpht” account. On this machine I install the flatpaks systemwide. So far did not run into issues.
1 Like
This is how coming into this thread feels
2 Likes