Comment by shengpuerh

Same, this has been a challenge since my development machine also has access to banking/personal sensitive data. I would really like to run with `--dangerously-skip-permissions` (or equivalents) without too much worry.

Local VMs are heavyweight but useful if you are sandboxing an entire IDE/GUI app like Cursor. With containers it's somewhat annoying to share local files - Distrobox helps with GUI apps and mounting the home directory but loses sandboxing. I have been curious about Flatpak/bubblewrap, but haven't had time to try it.

For now I've settled on containers, but I would like to shift to a remote VM like I have at work.