{
  pkgs,
  config,
  systemd,
  user,
  ...
}:
{

  # enabling firejail for sandboxing
  programs.firejail = {
    enable = true;
  };

  # enabling doas
  security.doas.enable = true;
  security.sudo.enable = false;
  security.doas.extraRules = [
    {
      users = [ user ];
      keepEnv = true;
      persist = true;
    }
  ];

  # setting up a polkit
  security.polkit.enable = true;
}