flatpak: Sandbox GSettings use by dropping the dconf permissions

Debarshi Ray requested to merge wip/rishi/sandbox-settings into master

Since GLib 2.60.x, GSettings' keyfile backend is capable enough to be the default backend for Flatpak applications. If a Flatpak doesn't have the necessary permissions to access dconf, GSettings will automatically switch to using the keyfile backend.

This is good because dconf isn't suited for sandboxing. It uses a single database shared across all applications - they are free to read and write anything, and settings are left behind even after an application has been uninstalled. This leaves plenty of room for mischief and accidents. In comparison, the keyfile backend uses a separate isolated file for each Flatpak that's removed when the application is uninstalled.
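As an added, defender-side check that is not part of this merge request: a shell snippet that inspects a Flatpak metadata keyfile for the grants that expose the shared dconf database (the dconf filesystem paths, the ca.desrt.dconf session-bus name and the DCONF_USER_CONFIG_DIR variable) and contrasts a legacy manifest with the sandboxed form this change aims for. The app id and both metadata samples are constructed for illustration.

```bash
#!/usr/bin/env bash
# Constructed sample: relevant sections of a Flatpak "metadata" keyfile for
# an app that was granted direct dconf access. Hypothetical app id.
LEGACY_METADATA='[Application]
name=org.example.LegacyApp
runtime=org.gnome.Platform/x86_64/3.34

[Context]
shared=network;ipc;
sockets=x11;wayland;
filesystems=xdg-run/dconf;~/.config/dconf:ro;

[Session Bus Policy]
ca.desrt.dconf=talk

[Environment]
DCONF_USER_CONFIG_DIR=.config/dconf
'

# Same app with every dconf grant removed: GSettings (GLib >= 2.60) then
# falls back to the per-app keyfile backend on its own.
SANDBOXED_METADATA='[Application]
name=org.example.LegacyApp
runtime=org.gnome.Platform/x86_64/3.34

[Context]
shared=network;ipc;
sockets=x11;wayland;
'

# List each dconf grant found in a metadata keyfile, one per line.
dconf_grants() {
  printf '%s\n' "$1" | awk -F= '
    /^filesystems=/ {
      n = split($2, fs, ";")
      for (i = 1; i <= n; i++) if (fs[i] ~ /dconf/) print "filesystem: " fs[i]
      next
    }
    /^ca\.desrt\.dconf=/      { print "session-bus: " $0; next }
    /^DCONF_USER_CONFIG_DIR=/ { print "environment: " $0 }'
}

# Number of grants; 0 means the app cannot reach dconf from the sandbox.
count_dconf_grants() {
  dconf_grants "$1" | wc -l | tr -d ' \t'
}

echo "legacy: $(count_dconf_grants "$LEGACY_METADATA") dconf grant(s)"
dconf_grants "$LEGACY_METADATA"
echo "sandboxed: $(count_dconf_grants "$SANDBOXED_METADATA") dconf grant(s)"
```

The same functions can be pointed at an installed app's metadata file (the file Flatpak writes next to the deployed files) to confirm that an update really dropped the dconf access.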