What are the methods to protect home folder files from other applications running as the same user

Security

I would like to enforce the security access of some files in my Home folder.
My concern is about processes running with the same privileges as me having access to those files.

I've been wondering about this for some time, because the role-based security in Linux is great but weak for things running in the same role. Particularly when it comes to a user account that is very active, every file lying inside the home folder is vulnerable to the user's actions. For example, installing a malicious Firefox plug-in, the other parts of the OS won't be touched but all the files inside the home folder can be exposed, and installing a Firefox plug-in is something any user could do without any special privilege.

Best Answer

You will probably be best off with a security framework implementing either RBAC or MAC (grsecurity for the former; SELinux, AppArmor, Tomoyo Linux for the latter), which lets you define finer-grained permissions per application.

Apart from that, recent Linux kernels offer namespaces, which allow you to change the way different processes see the whole system. If you mount an empty directory over, say, $HOME for the untrusted process, it won't be able to read your files.
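
The namespace approach from the answer above, as an added example that is not part of the original answer: a small C launcher that gives one command a private mount namespace with an empty tmpfs over the home directory. The names `run_hidden_home`, `write_file` and the exit code 125 are this example's own, and it assumes a kernel that permits unprivileged user namespaces.

```c
#define _GNU_SOURCE
#include <sched.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/mount.h>
#include <sys/wait.h>
#include <unistd.h>
#define SETUP_FAILED 125 /* namespace or mount setup was refused */

static int write_file(const char *path, const char *text) {
    FILE *f = fopen(path, "w");
    if (!f) return -1;
    int bad = (fputs(text, f) == EOF);
    return (fclose(f) == EOF || bad) ? -1 : 0;
}

/* Example helper (hypothetical name): run argv with an empty tmpfs over `home`. */
int run_hidden_home(const char *home, char *const argv[]) {
    uid_t uid = getuid(); /* read before unshare(): unmapped ids show as 65534 */
    gid_t gid = getgid();
    pid_t pid = fork();
    if (pid < 0) return -1;
    if (pid == 0) {
        char map[64];
        /* New user + mount namespaces: capabilities inside them, none outside. */
        if (unshare(CLONE_NEWUSER | CLONE_NEWNS) != 0) _exit(SETUP_FAILED);
        /* Keep the same uid/gid, so a non-root caller loses all caps at exec. */
        snprintf(map, sizeof map, "%u %u 1", (unsigned)uid, (unsigned)uid);
        if (write_file("/proc/self/uid_map", map) != 0) _exit(SETUP_FAILED);
        if (write_file("/proc/self/setgroups", "deny") != 0) _exit(SETUP_FAILED);
        snprintf(map, sizeof map, "%u %u 1", (unsigned)gid, (unsigned)gid);
        if (write_file("/proc/self/gid_map", map) != 0) _exit(SETUP_FAILED);
        /* This mount exists only in the new namespace; real files are untouched. */
        if (mount("tmpfs", home, "tmpfs", MS_NOSUID | MS_NODEV, "mode=0700,size=16m") != 0)
            _exit(SETUP_FAILED);
        if (chdir(home) != 0) _exit(SETUP_FAILED);
        execvp(argv[0], argv);
        _exit(127); /* exec failed */
    }
    int status;
    if (waitpid(pid, &status, 0) < 0) return -1;
    return WIFEXITED(status) ? WEXITSTATUS(status) : -1;
}

int main(int argc, char **argv) {
    const char *home = getenv("HOME");
    if (argc < 2 || !home) return 2; /* usage: hidehome CMD [ARGS...] */
    return run_hidden_home(home, argv + 1);
}
```

Only the home directory is hidden: anything else the user can read (for example files under /tmp or on other mounts) stays visible to the launched process, which is where the MAC frameworks named in the answer come in.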
