I know there are some tools including firejail and bindtointerface on standard Linux Distros, but they don’t run in userland, so whenever the deck updates they will be overwritten.
Anyone have any ideas how to block access on a Steam Deck?
From what i understand any changes to the system outside of the userland will be overwritten after a SteamOS update.
That is correct. The best case is to write a script to make your desired changes, and then run it after each system update.
My own use-case is that I have a NFS mount-point for my Steam Deck to use extra storage on my NAS. After the first time I figured out how to get it mounted, I made a script to disable read-only filesystem, make all the changes to the system, and then re-enable read-only filesystem. After every system update, I just run that script once.