Thanks for the breakdown. I ofc use a root pwd different from my user PW (with sudo privileges) and often use appimages, as they don’t require privileges at all to my understanding. I do run a few binaries though, as for example for team speak or corectl they are the only ones that work for me.
How would I go about restricting the files a program can access? Make a whole new user just for that program, put “run as this user” in the .desktop file an manually set read/write permissions for every single file on the system?
This seems unpractical. Is there a best practise guide? Do I need to get into apparmor and stuff?
Thanks for the breakdown. I ofc use a root pwd different from my user PW (with sudo privileges) and often use appimages, as they don’t require privileges at all to my understanding. I do run a few binaries though, as for example for team speak or corectl they are the only ones that work for me.
How would I go about restricting the files a program can access? Make a whole new user just for that program, put “run as this user” in the .desktop file an manually set read/write permissions for every single file on the system?
This seems unpractical. Is there a best practise guide? Do I need to get into apparmor and stuff?