Another article that makes me want Wine to run in a sandbox
David Gerard
dgerard at gmail.com
Sun Nov 8 09:24:28 CST 2009
2009/11/8 Dan Kegel <dank at kegel.com>:
> On Sun, Nov 8, 2009 at 3:25 AM, Ben Klein <shacklein at gmail.com> wrote:
>> I believe the type of sandboxing being discussed includes things like
>> preventing Win32 apps from breaking out into native calls using the
>> infamous interrupt trick. Correct me if I'm wrong though :)
> No, I was thinking of native sandboxing, so even if they did
> manage to make native calls, they couldn't do any harm.
> Running as another uid is a fine example of a native sandboxing
> technique. (So, on a single user system, you could have a
> uid dedicated to running sandboxed apps, and it would be
> unable to affect the regular user's data.) This would
> only be useful for apps that don't need to load or save user data
> (probably), for example, for casual games.
Yes, Unix comes with pretty good sandboxing built-in in the form of
separate user names. Then one could explicitly open communication
channels between the Unix environment and the Wine user, rather than
trying to close off open-everything.
Fairly obviously, it'll take some pretty substantial real-world need
for this to get anywhere near the winehq tree! But it's an interesting
idea. Imagine, successfully securing Win32 ...
- d.
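
As an added example (not part of the original message and not Wine project code): the separate-uid approach discussed in this thread only protects data whose permissions exclude other users, so this audit lists which paths under a home directory a dedicated sandbox uid could still read or modify. The names `access_bits`, `audit_tree`, `demo` and the sample layout are constructed for illustration; only classic mode bits are checked, not ACLs.

```python
import os
import shutil
import stat
import tempfile

def access_bits(st, uid, gids=()):
    """rwx bits (0-7) that a non-root uid gets from the classic mode bits."""
    shift = 6 if st.st_uid == uid else 3 if st.st_gid in gids else 0
    return (st.st_mode >> shift) & 0o7

def audit_tree(root, uid, gids=()):
    """Return sorted (access, relpath) pairs the sandbox uid can reach."""
    findings = []
    def visit(path):
        st = os.lstat(path)
        if stat.S_ISLNK(st.st_mode):
            return  # symlinks are not followed in this sketch
        bits = access_bits(st, uid, gids)
        is_dir = stat.S_ISDIR(st.st_mode)
        rel = os.path.relpath(path, root)
        # Changing a directory's entries needs both write and search (x).
        if bits & 2 and (not is_dir or bits & 1):
            findings.append(("write", rel))
        elif bits & 4:
            findings.append(("read", rel))
        if is_dir and bits & 1:  # without x, nothing below is reachable
            for name in os.listdir(path):
                visit(os.path.join(path, name))
    visit(root)
    return sorted(findings)

def demo():
    """Constructed home directory audited against a hypothetical sandbox uid."""
    home = tempfile.mkdtemp()
    try:
        dirs = {"": 0o755, "shared": 0o777, "private": 0o700}
        files = {"notes.txt": 0o600, "shared/save.dat": 0o666, "private/key": 0o644}
        for rel in dirs:
            os.makedirs(os.path.join(home, rel), exist_ok=True)
        for rel, mode in files.items():
            path = os.path.join(home, rel)
            open(path, "w").close()
            os.chmod(path, mode)
        for rel, mode in dirs.items():
            os.chmod(os.path.join(home, rel), mode)
        return audit_tree(home, os.getuid() + 1)  # any uid other than the owner
    finally:
        shutil.rmtree(home)
```

Here `shared` plays the role of an explicitly opened channel, while `private/key` stays unreachable despite its 0644 mode because the sandbox uid cannot search the 0700 directory above it.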