[Wine] block wine internet access

[James McKenzie]

vitamin wrote:
> nutpantz wrote:
>   
>> can i stop access on a application by application basis?
>>     
>
> No, you can't. It would be really easy to get around this if it's done by Wine itself.
>
> Wine can't stop an application calling system functions because it's 100% user space.
>   
No, he cannot block by application, and I don't know if this is possible
with Linux out-of-the-box.  But he can use iptables and other programs
to block by uid and port.  Thus, if a specific user is used to run Wine
(the su - <username> type script) and then block that user from all
Internet access excepting the local internet, which should be a
blackhole set (10.x.x.x, 172.16.x.x, 192.168.x.x) then this would be
possible. 

However, why are you so concerned about spyware?  I don't use Wine to
browse the web nor read mail.  There are better programs than what will
run under Wine for this purpose. If you are testing spyware programs to
see if Wine will or will not run them, then you should not be connected
to ANY network, local or Internet.

James McKenzie