When I started linux, I heard creating seperate user accounts for specific uses only is a good step to security in linux. I haven’t tried it but after seeing concerns regarding some game launchers snooping around the os, I am trying to see how hard will it be to not let them. I only know the basics of user creation through GUI.
I wont be running games by the way, but I want to have this knowledge of user accounts in linux as a linux security enthusiast. I just want to create a user account where only apps or packages will run with no root access or access to outside its home folder. Even installing apps or packages should not require root to install and must be installed in that home folder and not /usr/bin or /lib. Should be like sandbox environment. I have complete control of permisions and processes of the app. Dont say about flatpak or virtual machines, not talking about that here, just plain old linux.
Note that I am not doing this out of paronoia but as a security enthusiast. I have heard about firejail, SE linux, and WhonixOS but just scratched the surface of it.
How should I do this? I need some sources to read all about linux user accounts.
You can limit what a given package has access to with kernel based security package profiles for packages like apparmor, selinux, smack or tomoyo. Someone with root access can change this but it can be helpful at preventing someone from gaining that access in the first place.
The definitive guide to selinux.