[Wine] how to disable root / filesystem access

James McKenzie jjmckenzie51 at earthlink.net
Sat Jan 23 20:15:56 CST 2010


jeffz wrote:
> vitamin wrote:
>   
>> jeffz wrote:
>>     
>>> It never sandboxed anything, even if you removed Z:
>>>       
>> It does. Only it's not 100% foolproof. Wine does not use virtualization which is required to completely sandbox windows apps.
>>     
>
>
> "sandbox" implies intentional security, is what I meant.
>   
Wine is NOT intentionally secure.  It can and will do EVERYTHING that
the calling user can do in the base operating system.  This has been a
long subject of discussion on wine-devel in relationship to running
viruses and other malware.  If you need that level of security, you
really need to invest in:

1.  A machine that you can completely destroy (and I mean destroy as in
it will be junk when you get done.)
2.  A virtualization system that will 'sandbox' off what you are doing
from the rest of the system.

Wine is not and cannot be either of these.

James McKenzie




More information about the wine-users mailing list