Perhaps even a need gap for 'little snitch for browser extensions' as a browser extension(Considering OS LS or similar usually gets whitelisted for 80/433 with browsers).
Is it even possible or would the sandbox prevent such an extension from functioning?
Isn't Little Snitch essentially an interactive firewall? Rather than silently denying/allowing traffic, it needs the user's decision until a connection is white/black listed? Why would this not be allowed on Linux? (other than the app doesn't exist, yet)
However, if you allow everything to 80/443, the extensions would still be able to connect to their servers. Maybe the browsers should add the ability to allow/deny connections per extension.
Every once in a while something comes up trying to be 'Little Snitch for Linux' but none has survived AFAIK, To be honest one of the reasons I use macOS is for LS and I've heard few others say that too. But now since macOS is bypassing LS or limiting its function or to put it simply doing weird network stuff I'm planning to get back to Linux.
This is entirely possible. Either by isolating the application into a network namespace (e.g. via firejail or systemd units), with selinux labels, running the process under a custom gid and various other mechanisms.
Extensions used to be able to even network requests triggered by browser internals and by other extensions. I think with webextensions this is no longer possible.
