The headline improvement is one that was already trailed by Ville in his recent Sandboxing blog post. From now on, any app that defines an application profile will be automatically sandboxed. This is currently an opt-in process; any app that isn’t updated in this way will still run outside the sandbox. As a user this means you will start to see some third party apps bring up the sandboxing dialogue on first run. You should already be familiar with this from 4.2.0, in which the Jolla apps were already sandboxed. In 4.3.0 Suomenlinna you’ll start to see this more often. Users can of course still run apps however they want, but can feel more confident when running apps inside the sandbox.
This is an important security advancement, and follows the roadmap Ville described towards having all apps sandboxed. We’ve been careful to increase security without compromising user-control, and we think you’ll appreciate the extra peace-of-mind that sandboxing brings.
That’s a big new feature, and a welcome one, too. As usual, this new version also includes improvements to Sailfish’ Android application support and its web browser, among other things.