todo.md: task to remove /run/wrappers

2024-03-01 21:32:01 +00:00 · 2024-03-01 21:32:01 +00:00 · 063d99dd73
commit 063d99dd73
parent 0d48c462cb
1 changed files with 2 additions and 0 deletions
--- a/TODO.md
+++ b/TODO.md
@ -46,6 +46,8 @@
    - limit access to `~/knowledge/secrets` through an agent that requires GUI approval, so a firefox exploit can't steal all my logins
  - port sane-sandboxed to a compiled language (hare?)
    - it adds like 50-70ms launch time _on my laptop_. i'd hate to know how much that is on the pinephone.
+  - remove /run/wrappers from the sandbox path
+    - they're mostly useless when using no-new-privs, just an opportunity to forget to specify deps
 - make dconf stuff less monolithic
  - i.e. per-app dconf profiles for those which need it. possible static config.
 - canaries for important services