Damned #Arch #Linux...
I wanted to start using #selinux on my main computer, because I have untrusted apps I don't want to spy on me. Like an obedient Arch user I searched their sacred #Wiki... And surprise! Selinux-related packages are in damned #AUR!
I feel using systemd (and a few other important things) from AUR is less safe than using these things from [testing] 😏
Now I have to find another way to introduce app #isolation...


@madargon You might be interested in firejail if you haven't checked it out before. It comes with a lot of profiles for common apps

@niobium I use this on my main system, today I started with Firefox containers. And I'm considering using apparmor here. I'd like to have any way to use absolute crap without my "true" browser.

@madargon Firefox containers are great. You might like @stoically's Temporary Containers extension. It can be set to open each new tab in a new container that gets cleared after closing.

I've read that firejail can be used alongside apparmor. What I like about firejail is it's easy to quickly check running something outside of it if it breaks anything, and with the default profile it only lets Firefox see its settings and ~/Downloads, but nothing else on the filesystem.

