I want to run a shell script that might open my browser to a specific website. I don’t want the page to load when this happen. But I cannot switch off my internet access also (as I use the internet to remotely access another system at the same time). So I am planning to isolate the run time environment for the shell script.
I an on Arch and I used to use a AUR package called bubblejail to do this. But with the whole AUR security fiasco, I am not trusting any packages from AUR. I can switch to another distro if needed, like Rocky or something.
So my requirement is, Internet sandboxing for a terminal and the processes it spawns. Preferably using flatpak commands.
Edit: I tried disabling the internet usage for a terminal from Flathub using Flatseal. Sure I cannot curl after this, but when I launch my browser using it, it had Internet access.
You want to find a way to remove the “open other programs” permission from the terminal. Or run it in a VM without internet connection.
Yeah, that’s the simple answer. Install a VM, don’t give it network access. Probably quicker to install a distro with a ready rolled installer (Ubuntu/Fedora etc) than to install Arch
VirtualBox is quick to install and easy to use (but the owner of Oracle, Larry Ellison is evil so not the moral choice). Qemu-KVM is a bit more of a faff but is FOSS.
If they use virt-manager most of the faff is handled for you in a way very similar to Virtual Box. It’s not just as easy and you have to learn its idiosyncrasies. But I recommend trying it!