MS Dos 5.0 on my first PC was a bit short on features and I had not enough money for Windows 3.1… I heard that American students were using something called Unix and that their was something close available through mail-order CDs. Yggdrasil CDs were cheap too!

A process owned by any user will be able to exploit a userspace vulnerability, whatever this user is. Selinux, chroot, cgroups/containerization add a layer of protection to this, but any vulnerability that bypass these will be as exploitable from nobody as from any other local user. It will protect a user files from some access attempts but will fail to prevent any serious attack. And as usual when it comes to security, a false sense of security is worse than no security at all.

Remember that some exploits exist that can climb outside of a full-blown virtual machine to the virtualisation host, finding a user escalation vulnerability is even more likely.

The only real protection is an up-to-date system, sane user behavior and maybe a little bit of paranoia.

Subjective take: there’s worse than FreeCAD - sure it’s a bit “old school” but it’s bearable. O. The other hand, the solver has crashed on me so many times… The workbench way of doing things requires some time to get usdmed to, sure, but a crashing solver is far worse.

That’s a lot of words for “I’m too lazy to master the most essential tool of my professional life and keep it updated to my requirements”.

If you don’t want to do it, feel free to pay an Ubuntu support subscription, open a ticket, and get back to work. As you said: you should be working on your problem instead of whining. Or maybe you earn more whining?

There’s a saying that goes like that: “To a bad workman, there’s always bad tools.”

EOL of version 7 is next year in June, you got a nice pile of work here!

And *nix shells a perfect example of the KISS principle.

On behalf of garbage, I loudly protest on this attempt to assimilate it to Powershell.

You can add support contract requirements for some pieces of software coming from vendors with so little confidence in their product that they’re rather have it run on an outdated dependencies environnement. A side effect of the logic you talked about, applied to software vendors.

Unplug your mouse. Seriously. Do it. It might sound like the “kicking and screaming” method but you’ll learn to rely on your keyboard even for GUI tools and you’ll vastly improve how fast you navigate your computer. You should find yourself more and more in the terminal, obviously, but you may learn also some nice tricks with everything else.

All recent CPUs have native virtualization support, so there’s close to no performance hit on VMs.

That being said, even a VM is subject to exploits and malicious code could break out of the VM down to its hypervisor.

The only secure way of running suspicious programs starts with an air-gaped machine, a cheap hdd/ssd that will go straight under the hammer as soon as testing is complete. And I’d be wondering even after that if maybe the BIOS might have been compromised.

On a lower level of paranoia and/or threat, a VM on an up-to-date hypervisor with a snapshot taken before doing anything questionable should be enough. You’d then only have to fear a zero day exploit of said hypervisor.