@summerheat Including, apparently, an X11 sandboxing method using built-in X extensions! And a way of turning off 3D acceleration support for sandboxed apps. I'm not sure when the new version will show up in Debian Testing so I can try it out. Right now though, I'm quite interested in reports of how the new features work. X11 is a huge security hole, but xpra is very slow and Xephyr is irritating to use, so a less flimsy method of X11 isolation would be a good thing... Likewise for 3D support, which is nice to have for some local programs but not so much for your browser.