There are some cases where a native app would be better than using the web version such as for encryption purposes.
I guess if you have to use an unsandboxed app then not much to be done. You could run it in a VM but that’s very inconvenient obviously.
yeah I run some apps specifically in a dedicated MacOS VM using UTM.
yeah that is the only option ig. What specific apps you use that you can’t ditch if you don’t mind sharing (I maybe using those lol)
Maybe use Firefox containers if web app is available.
Can we somehow force sandboxing of an app?
Yeah there is sandbox-exec but it’s deprecated technically. Still works tho and better than nothing I suppose.
1 Like
I won’t put browser apps (Brave, Mullvad, Tor) and Standard Notes in a VM. Too inconvenient. Everything else that doesn’t need to be easily accessed by me at any time is put into a VM.