Linux

65954 readers

372 users here now

From Wikipedia, the free encyclopedia

Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).

Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word "Linux" in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.

Rules

Posts must be relevant to operating systems running the Linux kernel. GNU/Linux or otherwise.
No misinformation
No NSFW content
No hate speech, bigotry, etc

Related Communities

Community icon by Alpár-Etele Méder, licensed under CC BY 3.0

founded 7 years ago

MODERATORS

nooter692@lemmy.ml

MarcellusDrum@lemmy.ml

cypherpunks@lemmy.ml

cyclohexane@lemmy.ml

How to run a Flatpak Terminal without internet permission? (discuss.tchncs.de)

submitted 1 week ago* (last edited 1 week ago) by brokenwing@discuss.tchncs.de to c/linux@lemmy.ml

13 comments fedilink hide all child comments

I want to run a shell script that might open my browser to a specific website. I don't want the page to load when this happen. But I cannot switch off my internet access also (as I use the internet to remotely access another system at the same time). So I am planning to isolate the run time environment for the shell script.

I an on Arch and I used to use a AUR package called bubblejail to do this. But with the whole AUR security fiasco, I am not trusting any packages from AUR. I can switch to another distro if needed, like Rocky or something.

So my requirement is, Internet sandboxing for a terminal and the processes it spawns. Preferably using flatpak commands.

Edit: I tried disabling the internet usage for a terminal from Flathub using Flatseal. Sure I cannot curl after this, but when I launch my browser using it, it had Internet access.

you are viewing a single comment's thread
view the rest of the comments

[–] RheumatoidArthritis@mander.xyz 1 points 1 week ago

There is likely a less complicated way to do it but sudo to another user account and then run it with the protection. This way it can't reach your web browser. Or - I don't know if your program can do it, but Firejail certainly can - hide browser binaries and xdg-open from it, but I don't know how effective this will be against your particular script.

If you don't trust something maybe don't run it on your main OS?