How to use GUI to configure isolated containers?

  • I started to use containers using the manual on omv-extras and implemented the basic appuser scenario. Everything OK.


    Now I want to take security to the next level, because I want to use containers that will use the internet (e.g. transmission, nextcloud). The manual gives good guidance for a setup with dedicated container users to isolate the containers. I am struggling to set things up with the GUI and have to use the CLI to get it right. For example, I changed ownership of `${PATH_TO_APPDATA}/transmission` and `${PATH_TO_DATA}/transmission` from root to the transmission (container) user.


    I prefer to use the GUI only, since I am a very infrequent user and like to rely on OMV settings in the GUI only. I know I cannot avoid using the CLI to create a container user that is not a member of the users group. However, I would like to configure all other stuff in the GUI as much as I can. Is it possible to use the GUI to enforce that the transmission container can only access the persistent folders? If yes, how?

  • I don't really understand what you are asking. Sorry.


    If you want to associate 2 accounts with one container in the compose then I don't think that is possible (unless image is designed that way).


    If you want to create a user for each container then that is fine and then you will need to probably change owner for each container path (`sudo chown user:group /path/to/folder`).


    I think this is overkill. Better is to only use trusted containers/images.


    If not familiar with chown - be careful. If you chown system folders accidentally you can screw your system up.

    OMV 7 (latest) on N100 Minipc (16GB) and RPI5 (8GB). OS on SD card. System ext4 on SSD. Data BTRFS on HDDs

  • It is the second option, I wanted to create a dedicated user for each container, as described in the manual as the better security option vs using a generic appuser for all containers.

    But you are probably right with regards to the overkill. I am only using images from linuxserver, so the likelihood that those will be compromised is pretty low. I will stick to the appuser variant for now. Thank you for your advice.
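
For anyone who does go with the dedicated-user setup discussed in this thread, the following is an added example (not from the thread or the omv-extras manual) of a read-only check that a container's persistent folders are owned by its dedicated user, closed to "other", and that the user is not in the `users` group. The `/srv/appdata` and `/srv/data` defaults are placeholders used only when `PATH_TO_APPDATA` and `PATH_TO_DATA` are unset; GNU `stat` is assumed.

```shell
#!/bin/sh
# Added example: read-only audit, changes nothing on disk.

# check_dir DIR UID -> prints: missing | wrong-owner | other-access | ok
check_dir() {
    [ -d "$1" ] || { echo missing; return 0; }
    c_owner=$(stat -c '%u' "$1")   # numeric owner uid (GNU stat)
    c_mode=$(stat -c '%a' "$1")    # octal mode, e.g. 750
    if [ "$c_owner" != "$2" ]; then
        echo wrong-owner
    else
        # The last octal digit holds the r/w/x bits for "other".
        case "$c_mode" in
            *0) echo ok ;;
            *)  echo other-access ;;
        esac
    fi
}

# list_has_group "GROUP LIST" GROUP -> status 0 if GROUP is in the list
list_has_group() {
    for g in $1; do
        [ "$g" = "$2" ] && return 0
    done
    return 1
}

# audit NAME: NAME is both the container user and the folder name.
audit() {
    a_uid=$(id -u "$1" 2>/dev/null) || { echo "$1: user does not exist"; return 0; }
    if list_has_group "$(id -nG "$1")" users; then
        echo "$1: is a member of the 'users' group"
    fi
    # Placeholder defaults; set PATH_TO_APPDATA / PATH_TO_DATA to your own paths.
    for a_dir in "${PATH_TO_APPDATA:-/srv/appdata}/$1" "${PATH_TO_DATA:-/srv/data}/$1"; do
        echo "$a_dir: $(check_dir "$a_dir" "$a_uid")"
    done
}

audit transmission
```

Because the script only reads ownership and mode bits, it can be run before and after any `chown` to confirm that only the intended folders changed.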
