Re: Zoom on Bookworm?
On Tue, 19 Dec 2023 at 11:04, Jerome BENOIT
<sphericaltriangle@rezozer.net> wrote:
> can we efficiently jail zoom ?
Hi, my approach is to do that on my laptop by using grub to boot into various
different Debian installations.
Multiboot is un-fashionable, but I find it useful and versatile. Hard
drives are plenty
big enough to allow multiple operating systems installations.
The 931GB spinning hard drive has 4 primary partitions, sizes are approximate:
Z = 12GB boot
X = 12GB standalone minimal Debian installation with /boot symlinked
to /mnt/Z/X
Y = 12GB standalone minimal Debian installation with /boot symlinked
to /mnt/Z/Y
LUKS2 = 895GB
So basically there is unencrypted boot, and the majority of the drive
is allocated to the
LUKS2 encrypted partition. Plus there are a couple of minimal Debian
installations,
one of which has Zoom installed.
The LUKS2 partition contains LVM volumes
S = 12GB swap
A, B, C, D, E = 5x 12GB Debian installations with /boot symlinked to
/mnt/Z/{ABCDE}
T = 149G data
U = 497G data
I have installed Zoom on partition Y, which does not contain
cryptsetup tools, so
the LUKS2 partition cannot be opened, which hides all my sensitive data from
Zoom.
When I want to do real work, I boot one of my encrypted A,B,C,D,E installations
which can all access the common encrypted data in the T and U volumes.
Reply to: