Another virus-in-wine story

Stefan Dösinger stefandoesinger at gmx.at
Sun Oct 25 16:06:29 CDT 2009


Am 25.10.2009 um 10:57 schrieb Scott Ritchie:
> Many apps don't need to view the user folder for documents but also
> employ programmable scripting engines - a good example are games.  It
> would be much more convenient to pass some sort of "sandbox me, allow
> network, deny home folder access" switch to Wine than to muck about  
> with
> stuff like AppArmor profiles.
The usual reply to this is that Windows apps in Wine can just issue  
Linux system calls, so any Wine-based sandboxing is security by  
obscurity. You need something at the syscall layer.




More information about the wine-devel mailing list