@iry Sometime back I outlined a standardized way we can use to safely force applications that don’t support stream isolation to work safely under Tor: Managing programs without Tor DNS Support / orjail
How difficult would you find such a project?
PS. Since firejail was recently re-mentioned could it work here since it could give each sandboxed application its own virtualized namespace?