> I recommend doing some reading about LSM (selinux/apparmor) and/or grsec. This is exactly what they can prevent, even if you run foo and bar as the same user.
Thank you, but I am aware of these technologies. And I just checked on my Ubuntu laptop, and I can modify the memory of any process running under my user. I'm talking about distros that are actually in use by people today, without any exotic modifications. I am aware there are ways to block all of this (making your life hell in the process) using tools that may or may not already be available, but that is a little bit more invasive than your initial suggestion of "Let's move files out of $HOME". And now you agree that moving them out of $HOME is not even necessary. So it seems you've changed your point from "Let's move all configuration files out of $HOME" to "Let's bake in a lot more security". Can't argue against that.
> And I just checked on my Ubuntu laptop, and I can modify the memory of any process running under my user.
Yes, you can. And that wouldn't change. That's not the point of the modification.
But you're wrong saying this is exotic or would make life hell. You're running Ubuntu. This is already happening and it seems you're not even aware of it. Run `apparmor_status` and see what profiles are already enforced. I'm pretty sure that you have /usr/bin/evince listed in there (it's installed by default).
Now, try to open any pdf in evince and save a copy to `~/.ssh`. Or `~/.mozilla`. Or `~/.config/chromium`. Or `~/.gnupg`. You have access to those directories as a user - so guess why it's failing? Apparmor does exactly what I described. You can still modify the memory of evince - do whatever you want to it, I'll wait. But it won't change the result - you can't write to those directories from evince itself. You can still save that pdf as anything in your $HOME however.
I didn't change my point. Security is not binary - there's no secure and insecure, but a gradient in between. Moving configuration out of home is one step of the big process which will make better security easier to apply.
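To make the behaviour described in the post above concrete, here is an added example (not code from either commenter, and not part of AppArmor itself). It models the two things the post relies on: reading which profiles `apparmor_status` reports as enforced, and evaluating a write request against a profile fragment in which `deny` rules for `~/.ssh`, `~/.gnupg`, `~/.mozilla` and `~/.config/chromium` override a broad `rw` grant on `$HOME`. The status output and the profile rules are constructed samples written in the real tools' formats, the `@{HOME}` expansion is simplified to a single fixed home directory, and the glob matcher is a deliberately small subset of AppArmor's (only `*` and `**`), so treat it as a teaching model rather than a reimplementation of the kernel's rule evaluation.

```python
"""Model of the AppArmor behaviour discussed above (added example, constructed data)."""
import re

# Constructed sample in the text layout apparmor_status prints; not captured from a real host.
SAMPLE_STATUS = """\
apparmor module is loaded.
4 profiles are loaded.
3 profiles are in enforce mode.
   /usr/bin/evince
   /usr/bin/evince-thumbnailer
   /usr/sbin/cups-browsed
1 profiles are in complain mode.
   /usr/bin/foo
2 processes have profiles defined.
1 processes are in enforce mode.
   /usr/bin/evince (4242)
0 processes are in complain mode.
1 processes are unconfined but have a profile defined.
   /usr/sbin/cups-browsed (777)
"""

# Constructed profile fragment in AppArmor rule syntax. The rule set is illustrative;
# it mirrors the shape of the per-user "private files" deny rules, not a real profile.
PROFILE_RULES = """
owner @{HOME}/** rw,
audit deny @{HOME}/.ssh/** mrwkl,
audit deny @{HOME}/.gnupg/** mrwkl,
audit deny @{HOME}/.mozilla/** mrwkl,
audit deny @{HOME}/.config/chromium/** mrwkl,
"""


def parse_profile_modes(status_text):
    """Map each loaded profile to 'enforce' or 'complain' from apparmor_status text.

    Only the 'N profiles are in <mode> mode.' sections are read; the process
    sections further down use the same indentation and are skipped.
    """
    modes = {}
    current = None
    for line in status_text.splitlines():
        m = re.match(r"\d+ profiles are in (enforce|complain) mode\.", line)
        if m:
            current = m.group(1)
            continue
        if re.match(r"\d+ (profiles|processes)", line):
            current = None  # any other counter line ends the current section
            continue
        if current and line.startswith("   "):
            modes[line.strip()] = current
    return modes


def _glob_to_regex(pattern, home):
    """Translate an AppArmor path glob: '*' stays within one path component, '**' crosses '/'.

    Simplification (assumption): @{HOME} is expanded to one fixed directory
    instead of the tunable-driven set of home directories AppArmor uses.
    """
    pattern = pattern.replace("@{HOME}", home)
    out, i = "", 0
    while i < len(pattern):
        if pattern.startswith("**", i):
            out += ".*"
            i += 2
        elif pattern[i] == "*":
            out += "[^/]*"
            i += 1
        else:
            out += re.escape(pattern[i])
            i += 1
    return re.compile("^" + out + "$")


def parse_rules(text, home="/home/alice"):
    """Parse file rules into (is_deny, compiled_glob, permission_set) tuples."""
    rules = []
    for line in text.splitlines():
        line = line.strip().rstrip(",")
        if not line or line.startswith("#"):
            continue
        words = line.split()
        deny = "deny" in words
        words = [w for w in words if w not in ("audit", "deny", "owner")]
        if len(words) != 2:
            continue  # not a simple 'path perms' file rule; out of scope for this model
        path, perms = words
        rules.append((deny, _glob_to_regex(path, home), set(perms)))
    return rules


def is_allowed(rules, path, perm):
    """Decide one access (e.g. perm='w') the way the post describes AppArmor doing it:
    an access needs a matching allow rule, and any matching deny rule wins outright."""
    allowed = False
    for deny, rx, perms in rules:
        if perm in perms and rx.match(path):
            if deny:
                return False
            allowed = True
    return allowed


if __name__ == "__main__":
    print(parse_profile_modes(SAMPLE_STATUS))
    rules = parse_rules(PROFILE_RULES)
    for target in ("/home/alice/Documents/copy.pdf", "/home/alice/.ssh/copy.pdf"):
        print(target, "write allowed:", is_allowed(rules, target, "w"))
```

Running it reproduces the post's observation: a write to `~/Documents/copy.pdf` is allowed by the `@{HOME}/**` rule, while the same write under `~/.ssh` is refused because the `deny` rule matches and takes precedence, even though the user owns both directories. The decision is made per process by the profile attached to it, which is why tampering with the evince process from another unconfined process under the same user does not change evince's own result.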