Title. Just had this baseless yet possible idea on my head and I’d like to know how wrong it is? Since afaik, “nobody” has absolutely zero permissions… other than the ones given by the user. Pretty sure I’m missing something vital or important, but… I’m completely fine being called dumb every now and then.

Thanks in advance.

  • nyan@lemmy.cafe
    link
    fedilink
    English
    arrow-up
    4
    ·
    1 year ago

    If you're looking for some way to restrict what a few specific programs can do without going to containers, consider firejail. It will likely do a better job than a home-rolled solution.