I have been using firejail for most of these kind of applications, be it Obsidian, Discord, or the browser I am using. I definitely recommend people start using it.

I treat LS as a privacy/anti-telemetry/anti-accident tool, not as anti malware.

Obviously it can detect malware if there’s a connection to some weird site, but it’s more like a bonus than a reliable test.

If you need to block FS access, then per app containers or VMs are the way to go. The container/VM sandboxes your files, and Little Snitch can then manage externa connectivity (you might still want to allow connection to some legit domains—-but maybe not github.com as that can be use to upload your data. I meant something like updates.someapp.com)

Very, very good point

I got lazy

Time to crank the paranoidmeter up again

ty

I believe they're saying it can open, it just can't send the data anywhere.

Seems a little excessive, but here we are.