Now I'm thinking of getting a Macbook for the nicer creature comforts. I notice that MacOS apps installed from outside the app store have full access to ~/Library, which means things like Signal and Steam can freely poke around other apps' data, like Firefox/Chrome browser bookmarks, cookie files, etc. This seems bad to me.
I think these are the options, and none of them work very well. Wonder if anyone has better suggestions:
1. sandbox-exec [1]: Poorly documented and deprecated. Might go away in upcoming releases of MacOS. Also not clear if it could produce strange results when running GUI apps that use things like the GPU or sound. Most examples I found are for relatively simple CLI executables.
2. Create separate user accounts and `sudo su` as them, then execute the binary. This kind of works but some apps give strange results. Firefox seems to launch OK, but I can't run Steam this way. I can download the dmg, run `xattr -d com.apple.quarantine /path/Steam.dmg` then run it, the auto updater shows up, and then it closes itself without launching the store UI. If I switch users to the other account, and double click the executable normally, it runs fine.
Also apps launched with `sudo` don't show up when I run the app switcher with Command-Tab, not sure why.
3. Run the app in a VM (like Parallels). Probably would work, but I'm expecting quite a bit of extra overhead from the VM layer.
[1] https://jmmv.dev/2019/11/macos-sandbox-exec.html
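For anyone trying option 1, here is an added example of what a `sandbox-exec` profile aimed at this exact problem (keeping one app out of every other app's data under `~/Library`) can look like. This is not the original poster's code and not from the linked article; it starts permissive rather than `(deny default)` so GUI, GPU and audio services keep working, then carves `~/Library` out and re-opens only the app's own directory. It assumes the SBPL rule that a later matching rule overrides an earlier one, and the directory paths, `ExampleApp` name and parameter names (`LIBDIR`, `APPDIR`) are placeholders passed in on the command line.

```scheme
;; restrict-library.sb (added example, not the original poster's code)
;;
;; Run with (placeholder paths and app name):
;;   sandbox-exec -f restrict-library.sb \
;;     -D LIBDIR="$HOME/Library" \
;;     -D APPDIR="$HOME/Library/Application Support/ExampleApp" \
;;     /Applications/ExampleApp.app/Contents/MacOS/ExampleApp
(version 1)

;; Start from "allow everything" so the app can still reach the window
;; server, GPU, audio and Mach services it needs to draw a GUI.
(allow default)

;; Fence off every app's private data under ~/Library: bookmarks,
;; cookie databases, session stores and so on all live here.
(deny file-read* (subpath (param "LIBDIR")))
(deny file-write* (subpath (param "LIBDIR")))

;; Re-open only this app's own support directory. Assumption: the
;; last matching rule wins, so this allow takes precedence over the
;; broader deny above for paths inside APPDIR.
(allow file-read* file-write* (subpath (param "APPDIR")))

;; Let the app read its own preferences plist (placeholder bundle id).
(allow file-read* file-write*
  (literal (param "PREFS")))
```

Pass `-D PREFS="$HOME/Library/Preferences/com.example.ExampleApp.plist"` alongside the other parameters, or drop that last rule if the app keeps its settings elsewhere. When something in the app breaks, the denied path is the first thing to look for: sandbox denials are written to the unified log, so running `log stream --predicate 'eventMessage CONTAINS "deny"'` in a second terminal while the app starts shows which `~/Library` path it expected and lets you add a narrow allow for it instead of widening the whole profile.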