Another virus-in-wine story
Stefan Dösinger
stefandoesinger at gmx.at
Sun Oct 25 16:06:29 CDT 2009
Am 25.10.2009 um 10:57 schrieb Scott Ritchie:
> Many apps don't need to view the user folder for documents but also
> employ programmable scripting engines - a good example are games. It
> would be much more convenient to pass some sort of "sandbox me, allow
> network, deny home folder access" switch to Wine than to muck about
> with
> stuff like AppArmor profiles.
The usual reply to this is that Windows apps in Wine can just issue
Linux system calls, so any Wine-based sandboxing is security by
obscurity. You need something at the syscall layer.
More information about the wine-devel
mailing list