Post #22 by javispedro (Posts: 2,355 | Thanked: 5,249 times | Joined on Jan 2009 @ Barcelona)
Originally Posted by juiceme:
> However you cannot (at least not easily) incorporate rootkit-like functionality into an application submitted to the Jolla Harbour as the needed library interfaces are not permitted in applications
No, and 1000 times no. The "library whitelist" in the Jolla Store basically exists out of some (in my opinion, as discussed almost two years ago, misguided) concern about binary compatibility with future SailfishOS versions.

It does absolutely nothing regarding security.

I mean, just look at what most people do to escape the library whitelist: statically link to whatever library they feel like.

Security in Sailfish basically comes to the separation between 3 users: root, privileged, and nemo.
- Root is "I just bricked your device by accident" level
- Privileged is "I can email your address book to China" level.
- Nemo is "I can convert your phone into a major spam-sending operations center, wreak havoc in all your other running applications, including reading their data (since you can ptrace them), but at least you may not be able to easily read the stock Sailfish contacts database, and hopefully not brick the device".

Curiously enough it seems that all of this was done more to satisfy Exchange requirements than for security/privacy reasons.

Applications in the store are limited to the "nemo" level mostly because install scripts are forbidden (thus you cannot run stuff as root during install time, and therefore you cannot set the setuid bit on files).

This protection is not extended to random .rpm files. Those immediately get to the "root" level already during install time.

I have no idea how much sandboxing is done in AlienDalvik (it is proprietary) but my wild guess is also "none".
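Since the post's point is that a sideloaded .rpm gets root through its install scriptlets (and can drop setuid files), here is an added pre-install audit script, not from the post or from Jolla: it counts scriptlets in the text `rpm -qp --scripts` prints and setuid/setgid entries in `rpm -qplv` output. The sample package output is constructed, and `harbour-example` is a made-up package name.

```shell
#!/bin/sh
# Added example (not from the original post): audit an .rpm before sideloading it.
# Two checks tied to the post: install-time scriptlets (rpm runs them as root)
# and files that would carry the setuid/setgid bit once unpacked.
# The functions take the text of `rpm -qp --scripts PKG` and `rpm -qplv PKG`
# as arguments, so they can be exercised on constructed sample output below
# without an rpm binary present.

# Constructed sample of `rpm -qp --scripts` output for a package with a %post.
SAMPLE_SCRIPTS='postinstall scriptlet (using /bin/sh):
chmod u+s /usr/bin/harbour-example-helper'

# Constructed sample of `rpm -qplv` output (ls -l style, one file per line).
SAMPLE_FILES='-rwxr-xr-x    1 root    root        12345 Jan  1  2014 /usr/bin/harbour-example
-rwsr-xr-x    1 root    root         4321 Jan  1  2014 /usr/bin/harbour-example-helper
drwxr-xr-x    2 root    root            0 Jan  1  2014 /usr/share/harbour-example'

# Count scriptlets rpm would execute as root at install, upgrade or removal time.
count_scriptlets() {
    printf '%s\n' "$1" |
        awk '/^(pre|post)(install|uninstall|trans) scriptlet/ {n++} END {print n+0}'
}

# Count entries whose mode string has setuid (4th char) or setgid (7th char) set.
count_setid_files() {
    printf '%s\n' "$1" |
        awk 'substr($1,4,1) ~ /[sS]/ || substr($1,7,1) ~ /[sS]/ {n++} END {print n+0}'
}

# Run both checks against a real package file when rpm is available.
audit_rpm() {
    pkg=$1
    scripts=$(rpm -qp --scripts "$pkg" 2>/dev/null)
    files=$(rpm -qplv "$pkg" 2>/dev/null)
    echo "$pkg: scriptlets=$(count_scriptlets "$scripts") setid_files=$(count_setid_files "$files")"
}

if [ $# -eq 1 ] && command -v rpm >/dev/null 2>&1; then
    audit_rpm "$1"
else
    echo "sample: scriptlets=$(count_scriptlets "$SAMPLE_SCRIPTS")"      # 1
    echo "sample: setid_files=$(count_setid_files "$SAMPLE_FILES")"      # 1
fi
```

A non-zero count in either check means the package will do more at install time than a Store app is allowed to, and deserves a read of the scriptlet body before `rpm -i` or `pkcon install-local`.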