Wine Security Disclosure
ivg231 at gmail.com
Fri Mar 14 19:42:27 CDT 2008
> No matter what if your running a program, be it linux or windows (on
> wine) it always has the potential to mess up things that the user
> running it has access too.
Not true - you should be running in a SELinux sandbox to solve this problem. I'm not sure if the technology is mature enough for this, but it can and will constrain beyond user privs.
> So if you run it as a normal user the worst it can do is mess up that users files
> All of your important system files are owned by root (or they should be...)
Quite the opposite in fact - anything important's already in the user's files - saved passwords, crypto keys, personal data, financial files. The root stuff is not interesting at all, except as a means to get to the user's files.
More information about the wine-devel