Hello,
I use Nordvpn but through Networkmanager instead of their app.
I do this cause I have had some bad experiences with their app, now that I use Kinoite it just makes things easier, although I miss several functions which the app has and which I don’t have now.
Is it possible to install the app in a toolbox so you don’t have to layer the software? Or will it not work then?
I can only speak of MullvadVPN which has an RPM repo and works perfectly fine. In the past I layered their RPMs manually downloaded.
Toolbox uses a rootless Podman container, which means even executing sudo in there doesnt grant it access to your actual system directories.
Only the home is mounted into the container to have access to all user files.
So as no software inside the container can change anything outside home, logically it also cannot manipulate your network.
Android is way more advanced here, where the VPN functionality is done by the system and various unprivileged apps can just hook in there and get the access to control it. The system then passes all system traffic to the unprivileged app, which does the VPN routing (I guess).
Desktop Linux has quite some things to learn here.
Most notably, Networkmanager has no support for VPN killswitches, to block network when not being connected. This is crucial if you need anonymity or need to prevent leaks, like having a Torrent client running without a VPN.
Thus, the VPN clients from Mullvad and Proton integrate more features themselves, than what is natively available.