szczuroarturo@programming.dev to Linux@lemmy.ml · 1 year agoAntivirus recomendationsmessage-squaremessage-square131fedilinkarrow-up1107arrow-down19file-text
arrow-up198arrow-down1message-squareAntivirus recomendationsszczuroarturo@programming.dev to Linux@lemmy.ml · 1 year agomessage-square131fedilinkfile-text
minus-squarecizra@lemm.eelinkfedilinkarrow-up2·1 year agoHere it comes: https://paste.ee/p/voTFI Note that I’m no Bash expert, and you’ll undoubtedly find ways to improve or fix it. Usage: Run stuff in a sandbox isolate bash - and then verify your access to filesystem is restricted Enable Xorg for apps that need it X=1 isolate mindustry Wayland, which naturally isolates apps from each other, is enabled by default. Enable network for apps that need it: NET=1 isolate curl https://ip6.me/api/ Enter the sandbox to mess around with it manually: NAME=mindustry isolate bash Note that it doesn’t catch Ctrl-C. Ctrl-C kills the isolated Bash. Populate data (installers and whatnot): NAME=mygame isolate ls; cp installer.sh ~/.local/share/bubblewrap/mygame/; NAME=mygame isolate bash
Here it comes: https://paste.ee/p/voTFI
Note that I’m no Bash expert, and you’ll undoubtedly find ways to improve or fix it. Usage:
isolate bash
- and then verify your access to filesystem is restrictedX=1 isolate mindustry
NET=1 isolate curl https://ip6.me/api/
NAME=mindustry isolate bash
NAME=mygame isolate ls; cp installer.sh ~/.local/share/bubblewrap/mygame/; NAME=mygame isolate bash