Now this looks promising for mere mortals. I found jart's Linux port of pledge[0] which makes it seem possible to simply wrap utilities through a preceding script. If I couple this with distrobox/podman (which should work fine?) I might be able to pretty seamlessly lock down utilities by default with minimal shenanigans.
Assuming it does what it says on the tin, and it can work with GUI apps, this would get me almost all the way.
Assuming it does what it says on the tin, and it can work with GUI apps, this would get me almost all the way.
[0] https://justine.lol/pledge/