Hm… I struggle to picture what you’re trying to achieve…

If you are “making an app” as in coding one, you can just have it say ask for a pin in a window as part of starting up.

You suggest various encryption related solutions… what is your threat model? Do you want to make the identity of the app unknown to others? Normally, autkenticating users is the responsibility of the os/desktop environment, and it would be non-ideomatic for an application to bundle its own auth, except for apps such as a password manager.

If you want to make an existing system app privileged/secret in some way then that sounds awkward indeed. Normally you’d definitely be using user management facilities (e.g. dedicated users and sudo config) to achieve such a thing.

If you really do want to make the app “secret” in some sense you could achieve the same thing as with your mac using a combination of loopback block devices (see man losetup) with an encrypted luks volume inside… but depending on the app you might end up in dependency hell if it’s not statically linked.

ymmv 🙂

This is a good shitpost 💯

❤️

This is profound life advice much more than a shitpost.

If you’re the one making the tea and cleaning up afterwards then any feeling that you can’t have it is internalised oppression.

Switched from Windows in 2002, did FreeBSD -> Gentoo -> Ubuntu -> Arch. Finally switched to NixOS in 2012 and never looked back.

The builtin isolation meant I never actually got properly acquainted with Docker until I switched jobs and had to use it.