Zed is our office

[viraptor]

Honestly - no. To use selinux you need to commit to actually learning how it works and experimenting a bit. I don't think there's an easier way than reading both redhat (https://docs.redhat.com/en/documentation/red_hat_enterprise_...) and NSA (https://www.nsa.gov/portals/75/documents/resources/everyone/...) docs.

If you're happy with firejail, make sure you use whitelists only and you'll be 90% there with what's possible to achieve.