diff --git a/hosts/common/programs/assorted.nix b/hosts/common/programs/assorted.nix index 3a3886ea2..8be795873 100644 --- a/hosts/common/programs/assorted.nix +++ b/hosts/common/programs/assorted.nix @@ -677,7 +677,7 @@ in # TODO: probably need /dev and such ]; - gnome-screenshot = {}; + gnome-screenshot.sandbox.method = null; google-chrome.sandbox.enable = false; # google-chrome is my "pleeeaaase work" fallback, so let it do anything. @@ -805,7 +805,7 @@ in # provides `ip`, `routel`, `bridge`, others. # landlock works fine for most of these, but `ip netns exec` wants to attach to an existing namespace (which requires sudo) # and that means we can't use ANY sandboxer for it. - iproute2.sandbox.enable = false; + iproute2.sandbox.method = null; #< TODO: sandbox # iproute2.sandbox.net = "all"; # iproute2.sandbox.capabilities = [ "net_admin" ]; # iproute2.sandbox.extraPaths = [ @@ -1127,7 +1127,7 @@ in # snapshot camera, based on libcamera # TODO: enable dma heaps for more efficient buffer sharing: - snapshot = {}; + snapshot.sandbox.method = null; #< TODO: sandbox sops.sandbox.method = "bunpen"; sops.sandbox.extraHomePaths = [ @@ -1210,7 +1210,7 @@ in tumiki-fighters.sandbox.whitelistWayland = true; tumiki-fighters.sandbox.whitelistX = true; - util-linux.sandbox.enable = false; #< TODO: possible to sandbox if i specify a different profile for each of its ~50 binaries + util-linux.sandbox.method = null; #< TODO: possible to sandbox if i specify a different profile for each of its ~50 binaries unzip.sandbox.method = "bunpen"; unzip.sandbox.autodetectCliPaths = "existingOrParent"; diff --git a/hosts/common/programs/bunpen.nix b/hosts/common/programs/bunpen.nix index 0c7c915e4..e4aca9d8f 100644 --- a/hosts/common/programs/bunpen.nix +++ b/hosts/common/programs/bunpen.nix 
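Review bot: `gnome-screenshot.sandbox.method = null;` is the one opt-out in the -677 hunk with no reason recorded, while its neighbours carry a `#< TODO: sandbox` or an explanation (google-chrome's `#< ... let it do anything.`). With the module default now making an unmarked `null` the exception rather than the norm, a screen-capture tool running unconfined deserves a one-line why, e.g. `gnome-screenshot.sandbox.method = null; #< TODO: sandbox`. If something concrete blocks it (portal or Wayland socket access would be my guess, but the commit does not say), put that in the comment instead of the bare TODO.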
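Review bot: The comment block above `iproute2.sandbox.method = null;` still concludes "that means we can't use ANY sandboxer for it", which now contradicts the `#< TODO: sandbox` appended on the same line. The same comment says landlock works for most of these binaries and only `ip netns exec` needs to join an existing namespace, so the honest state is a partial sandbox pending per-binary profiles; I'd reword the trailing comment to `#< TODO: sandbox everything except \`ip netns exec\` (needs to enter an existing netns, i.e. sudo)` so the next reader does not take "ANY" at face value. The commented-out `# iproute2.sandbox.net = "all";` / `# iproute2.sandbox.capabilities = [ "net_admin" ];` lines look like the intended profile and are fine to keep as long as the comment points at them.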
@@ -13,6 +13,7 @@ in ''; }); sandbox.enable = false; + sandbox.method = null; #< TODO: avoids infinite recursion in the sane.programs system }; environment.pathsToLink = lib.mkIf cfg.enabled [ "/libexec/bunpen" ]; diff --git a/hosts/common/programs/gst-launch.nix b/hosts/common/programs/gst-launch.nix index b3d0bdbd4..bbbeef442 100644 --- a/hosts/common/programs/gst-launch.nix +++ b/hosts/common/programs/gst-launch.nix @@ -20,5 +20,6 @@ pipewire ]); }); + sandbox.method = null; #< TODO: sandbox }; } diff --git a/hosts/common/programs/libcamera.nix b/hosts/common/programs/libcamera.nix index 6acd4c6f0..0248b466a 100644 --- a/hosts/common/programs/libcamera.nix +++ b/hosts/common/programs/libcamera.nix @@ -3,7 +3,9 @@ let cfg = config.sane.programs.libcamera; in { - sane.programs.libcamera = {}; + sane.programs.libcamera = { + sandbox.method = null; #< TODO: sandbox + }; services.udev.extraRules = lib.mkIf cfg.enabled '' # libcamera (snapshot, millipixels, ...) # see: diff --git a/hosts/common/programs/nix.nix b/hosts/common/programs/nix.nix index f3adf1785..e45b6d07f 100644 --- a/hosts/common/programs/nix.nix +++ b/hosts/common/programs/nix.nix @@ -2,6 +2,7 @@ { sane.programs.nix = { packageUnwrapped = pkgs.nixVersions.latest; + sandbox.method = null; #< TODO: sandbox ? env.NIXPKGS_ALLOW_UNFREE = "1"; #< FUCK OFF YOU'RE SO ANNOYING persist.byStore.plaintext = [ # ~/.cache/nix can become several GB; persisted to save RAM diff --git a/hosts/common/programs/rofi/default.nix b/hosts/common/programs/rofi/default.nix index 0cdc78b4a..fc2f1f799 100644 --- a/hosts/common/programs/rofi/default.nix +++ b/hosts/common/programs/rofi/default.nix @@ -139,7 +139,7 @@ in srcRoot = ./.; pkgs = [ "sane-open" ]; }; - sandbox.enable = false; #< trivial script, and all our deps are sandboxed + sandbox.method = null; #< trivial script, and all our deps are sandboxed suggestedPrograms = [ "sane-open" 
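Review bot: `sandbox.method = null; #< TODO: avoids infinite recursion in the sane.programs system` records the symptom but not the cause, and the cause appears to be the other half of this commit: with `sandbox.method` now defaulting to `"bunpen"`, the bunpen program's own wrapper would presumably depend on bunpen. Say so, because the existing `sandbox.enable = false;` on the line above evidently does not short-circuit that dependency, and a future reader will otherwise assume one of the two lines is redundant: `sandbox.method = null; #< must stay null: the default method is "bunpen", so sandboxing bunpen with itself recurses at eval time; enable = false alone does not avoid it`. If that reading is right, the cleaner fix belongs in modules/programs/default.nix (skip the wrapper when `sandbox.enable = false`, or exclude the sandboxer itself from the default), which would let this line go; hedged, since the wrapper logic is outside the diff.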
diff --git a/hosts/common/programs/sane-scripts.nix b/hosts/common/programs/sane-scripts.nix index 56279605c..b00aa7bc5 100644 --- a/hosts/common/programs/sane-scripts.nix +++ b/hosts/common/programs/sane-scripts.nix @@ -73,7 +73,7 @@ in # the idea of this script is to `cd` into a fresh clone... # but that's an ephemeral operation that would be lost when the sandbox closes. - "sane-scripts.clone".sandbox.enable = false; + "sane-scripts.clone".sandbox.method = null; #< TODO: sandbox "sane-scripts.dev-cargo-loop".sandbox = { method = "bwrap"; @@ -124,16 +124,15 @@ in ".persist/private" ]; }; - "sane-scripts.private-lock".sandbox.enable = false; - "sane-scripts.private-unlock".sandbox.enable = false; + "sane-scripts.private-lock".sandbox.method = null; + "sane-scripts.private-unlock".sandbox.method = null; "sane-scripts.reclaim-boot-space".sandbox = { method = "bunpen"; extraPaths = [ "/boot" ]; }; - # it's just a thin wrapper around rsync, which is already sandboxed - "sane-scripts.rcp".sandbox.enable = false; + "sane-scripts.rcp".sandbox.enable = false; # it's just a thin wrapper around rsync, which is already sandboxed # but make sure rsync is always on PATH, so that we actually do get sandboxing :) "sane-scripts.rcp".suggestedPrograms = [ "rsync" ]; @@ -166,7 +165,7 @@ in ]; # sane-secrets-update-keys is a thin wrapper around sops + some utilities. # really i should sandbox just the utilities - "sane-scripts.secrets-update-keys".sandbox.enable = false; + "sane-scripts.secrets-update-keys".sandbox.method = null; "sane-scripts.secrets-update-keys".suggestedPrograms = [ "findutils" "sops" @@ -196,7 +195,7 @@ in "sane-scripts.sudo-redirect".sandbox.enable = false; "sane-scripts.sync-music" = {}; - "sane-scripts.sync-from-iphone" = {}; + "sane-scripts.sync-from-iphone".sandbox.method = null; #< TODO "sane-scripts.tag-media".suggestedPrograms = [ "exiftool" #< for (slightly) better sandboxing than default exiftool 
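Review bot: `"sane-scripts.rcp".sandbox.enable = false;` is left as an `enable = false` opt-out in the -124 hunk while `private-lock` / `private-unlock` two lines above, and every other conversion in this commit, switch to `sandbox.method = null;`. The bunpen.nix hunk in the same commit needed both `enable = false` and `method = null` to avoid a recursion, which suggests the two are not interchangeable now that `method` defaults to `"bunpen"`; either make it `"sane-scripts.rcp".sandbox.method = null; # it's just a thin wrapper around rsync, which is already sandboxed` for consistency or note why `enable = false` is deliberately kept here. `private-lock` / `private-unlock` also gain no reason for running unconfined; given they presumably manage the `.persist/private` store referenced just above in the same hunk, a why-comment (`#< needs to mount/unmount the private store — TODO confirm`) would help whoever later tries to sandbox them.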
@@ -228,8 +227,8 @@ in {} (builtins.attrNames config.sane.vpn); "sane-scripts.vpn".sandbox = { - enable = false; #< bwrap can't handle `ip link`, and landlock can't handle bwrap/pasta for `sane-vpn do` - # method = "landlock"; #< bwrap can't handle `ip link` stuff even with cap_net_admin + enable = false; #< `sane-vpn do ...` wraps arbitrary commands; can't sandbox + # method = "bunpen"; # net = "all"; # capabilities = [ "net_admin" ]; # extraHomePaths = [ ".config/sane-vpn" ]; diff --git a/hosts/common/programs/v4l-utils.nix b/hosts/common/programs/v4l-utils.nix index 7b073ff9c..01554bdbc 100644 --- a/hosts/common/programs/v4l-utils.nix +++ b/hosts/common/programs/v4l-utils.nix @@ -16,5 +16,6 @@ packageUnwrapped = pkgs.v4l-utils.override { withGUI = false; #< XXX(2024-09-09): gui does not cross compile due to qtbase / wrapQtAppsHook }; + sandbox.method = null; #< TODO: sandbox }; } diff --git a/modules/programs/default.nix b/modules/programs/default.nix index d9d6d2bd5..c621851c5 100644 --- a/modules/programs/default.nix +++ b/modules/programs/default.nix @@ -294,7 +294,7 @@ let }; sandbox.method = mkOption { type = types.nullOr (types.enum [ "bunpen" "bwrap" "capshonly" "pastaonly" "landlock" ]); - default = null; #< TODO: default to something non-null + default = "bunpen"; description = '' how/whether to sandbox all binaries in the package. '';
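Review bot: `enable = false; #< \`sane-vpn do ...\` wraps arbitrary commands; can't sandbox` keeps the `enable`-style opt-out that the rest of this commit replaces with `method = null`, and the commented-out `# method = "bunpen";` directly below it sits at odds with "can't sandbox". If `enable = false` with the new `"bunpen"` default is intentional (e.g. so the profile is one uncomment away), say so in the comment; otherwise `method = null;` matches the commit's own convention. Hedged: I cannot see from the diff whether `enable = false` suppresses the bunpen wrapper or merely leaves it unused.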
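Review bot: `default = "bunpen";` flips every program without an explicit `sandbox.method` from unsandboxed to bunpen-sandboxed, but the `description` still reads only "how/whether to sandbox all binaries in the package", which no longer tells a reader that `null` is the opt-out or what the default is. I'd extend the description to state both, plus the relationship to `sandbox.enable` that this commit relies on (bunpen.nix sets both, sane-scripts.vpn sets only `enable = false`): roughly "defaults to "bunpen"; set to null to run the package unsandboxed (the bunpen program itself must be null to avoid recursion); `sandbox.enable = false` disables the wrapper but leaves method at its default". Whether that last clause is accurate depends on wrapper logic outside this hunk, so adjust it, but document it, since the default flip is the security-relevant change here. The default itself is the right direction; the opt-out inventory this commit creates (util-linux, iproute2, nix, libcamera, gst-launch, v4l-utils, gnome-screenshot, several sane-scripts) is the remaining unconfined surface and is worth tracking in one place.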