Would it make sense to create a specification for a fully virtualized file format, similar to
what is produced by the “dangerzone” app, but instead of converting the unsafe file
format, the file is virtualized and isolated within an encrypted volume, like LUKS, or
Veracrypt?
This would be for untrusted file formats from outside the LAN, or from an external device.
It would be like a quarantined volume for untrusted file formats like webp.