Might be the same but what if you allow all curl/wget traffic for 'dev' user, but continue to flag any traffic for 'normal' user
for dev work run 'su -c curl … dev'
But if malicious program in normal user space is running, then app firewall flags curl and wget use appropriately.
It would be annoying to input password every time so maybe setup PAM to use yubikey or biometric? Also make sure this user cannot login and does not have a password.
for dev work run 'su -c curl … dev'
But if malicious program in normal user space is running, then app firewall flags curl and wget use appropriately.
It would be annoying to input password every time so maybe setup PAM to use yubikey or biometric? Also make sure this user cannot login and does not have a password.