http://bugs.winehq.org/show_bug.cgi?id=59767

--- Comment #4 from Aaron Rainbolt <arraybolt3@gmail.com> ---
> I don't mean Wine but whatever app (desktop environment?) is installed in the sandbox. If you don't want it to be able to automatically execute programs outside of the sandbox that mechanism should be disabled. There may be other launchers (emulators) that could be used in the same way.

I think we may be having a misunderstanding about how Linux app sandboxing mechanisms work. Both Flatpak and Snap assume that opening a file and executing a file are two different things. This assumption is warranted, because the mechanism that handles file associations under Linux (xdg-mime) explicitly documents that opening and executing are two different things and that file openers should never blindly execute code.

Both Flatpak and Snap allow a sandboxed application to say "open this file with whatever its default file handler is", which will either launch an app in a different sandbox, or launch an unsandboxed app. xdg-desktop-portal-gtk then finds a file handler for the file it's been given, and runs it, pointing it at the file. In the context of Wine, that file handler happens to execute arbitrary code. There isn't anything in the pipeline that knows it's about to execute code, except for Wine. That's why I suggested adding a prompt to Wine itself.

There isn't any such thing as "disabling" this. One would have to either disable access to xdg-desktop-portal-gtk entirely (which is impossible with the current design of Flatpak from what I understand and would severely break applications if it was done in general), or they would have to remove the Wine EXE file association from the system entirely. There isn't any way to say "ignore this particular file association because it executes code". Even if there was a way to ignore a specific file association, it would be unreasonable to make sandbox designers use it, since that would require maintaining a blacklist of known-unsafe file handlers, and there's no good way to find every application that registers an unsafe handler. According to the docs, unsafe handlers shouldn't exist at all.

> This is the responsibility of the process that invokes Wine (or any other app that executes a file).

Only if the process that executes a file knows that it is going to execute a file.
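
Added example, not part of the original Bugzilla comment and not Wine, Flatpak or Snap code: a small audit that lists which desktop entries register themselves as handlers for Windows-executable MIME types, which is the file association the comment refers to. The MIME type list and the two sample entries are assumptions constructed for illustration, and, as the comment notes, a fixed list like this cannot find every handler that executes what it opens.

```python
import tempfile
from pathlib import Path

# Assumption: MIME types commonly assigned to Windows executables by
# shared-mime-info; extend the set for the system being audited.
EXECUTABLE_MIME_TYPES = {
    "application/x-ms-dos-executable",
    "application/x-msdownload",
    "application/vnd.microsoft.portable-executable",
}

def parse_desktop_entry(text):
    """Return the key/value pairs of the [Desktop Entry] group."""
    entry, in_group = {}, False
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("["):
            in_group = line == "[Desktop Entry]"
        elif in_group and "=" in line and not line.startswith("#"):
            key, value = line.split("=", 1)
            entry[key.strip()] = value.strip()
    return entry

def find_executable_handlers(app_dirs):
    """List (file name, matched MIME types, Exec line) per matching entry."""
    findings = []
    for app_dir in app_dirs:
        for path in sorted(Path(app_dir).glob("*.desktop")):
            entry = parse_desktop_entry(path.read_text(errors="replace"))
            declared = {m for m in entry.get("MimeType", "").split(";") if m}
            matched = sorted(declared & EXECUTABLE_MIME_TYPES)
            if matched:
                findings.append((path.name, matched, entry.get("Exec", "")))
    return findings

def demo():
    """Audit two constructed desktop entries (not real system files)."""
    samples = {
        "wine.desktop": "[Desktop Entry]\nType=Application\nExec=wine start /unix %f\n"
                        "MimeType=application/x-ms-dos-executable;application/x-msi;\n",
        "viewer.desktop": "[Desktop Entry]\nType=Application\nExec=viewer %f\n"
                          "MimeType=image/png;\n",
    }
    with tempfile.TemporaryDirectory() as d:
        for name, body in samples.items():
            Path(d, name).write_text(body)
        return find_executable_handlers([d])

if __name__ == "__main__":
    print(demo())
```

On a real system, pass the application directories to `find_executable_handlers`, for example `/usr/share/applications` and `~/.local/share/applications`. A match only shows that an entry declares the type; which handler is the default is decided separately by the `mimeapps.list` files.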