Another article that makes me want Wine to run in a sandbox

David Gerard dgerard at gmail.com
Sun Nov 8 09:24:28 CST 2009


2009/11/8 Dan Kegel <dank at kegel.com>:
> On Sun, Nov 8, 2009 at 3:25 AM, Ben Klein <shacklein at gmail.com> wrote:

>> I believe the type of sandboxing being discussed includes things like
>> preventing Win32 apps from breaking out into native calls using the
>> infamous interrupt trick. Correct me if I'm wrong though :)

> No, I was thinking of native sandboxing, so even if they did
> manage to make native calls, they couldn't do any harm.
> Running as another uid is a fine example of a native sandboxing
> technique.  (So, on a single user system, you could have a
> uid dedicated to running sandboxed apps, and it would be
> unable to affect the regular user's data.)  This would
> only be useful for apps that don't need to load or save user data
> (probably), for example, for casual games.


Yes, Unix comes with pretty good sandboxing built-in in the form of
separate user names. Then one could explicitly open communication
channels between the Unix environment and the Wine user, rather than
trying to close off open-everything.

Fairly obviously, it'll take some pretty substantial real-world need
for this to get anywhere near the winehq tree! But it's an interesting
idea. Imagine, successfully securing Win32 ...


- d.
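As an added illustration of the dedicated-uid idea discussed above (example code, not Wine's own and not from the thread), a small POSIX sh wrapper: it assumes a dedicated account named winebox with its own WINEPREFIX and that sudo is available; the "refuse if the caller's home is accessible to other uids" check is my addition, since a separate uid only protects data the sandbox uid cannot read or write anyway.

```shell
#!/bin/sh
# Added example: run a Win32 app under a dedicated sandbox uid.
# Account name, prefix path and the privacy check are assumptions.
SANDBOX_USER="${SANDBOX_USER:-winebox}"               # assumed account
SANDBOX_PREFIX="${SANDBOX_PREFIX:-/home/$SANDBOX_USER/.wine}"

# home_is_private DIR: succeed only if DIR grants no permissions to
# "other" users. Uses the symbolic mode from ls -ld (chars 8-10 are the
# "other" rwx bits), which is portable across GNU and BSD userlands.
home_is_private() {
    perms=$(ls -ld "$1" | cut -c8-10)
    [ "$perms" = "---" ]
}

# wine_sandbox_cmd APP: print (do not run) the command line that drops
# to the sandbox uid with its own HOME and WINEPREFIX, so the regular
# user's files are out of reach unless a channel is opened explicitly.
wine_sandbox_cmd() {
    printf 'sudo -u %s env HOME=/home/%s WINEPREFIX=%s wine %s\n' \
        "$SANDBOX_USER" "$SANDBOX_USER" "$SANDBOX_PREFIX" "$1"
}

# run_sandboxed APP: refuse when the caller's home is readable or
# writable by other uids, because then the separate uid buys nothing.
run_sandboxed() {
    if ! home_is_private "$HOME"; then
        echo "refusing: $HOME is accessible to other uids; chmod 700 it" >&2
        return 1
    fi
    sh -c "$(wine_sandbox_cmd "$1")"
}

# Usage: ./winebox.sh notepad.exe
if [ -n "${1:-}" ]; then
    run_sandboxed "$1"
fi
```

Anything the sandboxed app must exchange with the regular user then goes through a directory you create and share on purpose, which is the "explicitly open channels" half of the idea.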


