https://bugs.winehq.org/show_bug.cgi?id=50797
Bug ID: 50797 Summary: Please sandbox all Wine applications on launch Product: Wine Version: unspecified Hardware: x86-64 OS: Linux Status: UNCONFIRMED Severity: normal Priority: P2 Component: wineserver Assignee: wine-bugs@winehq.org Reporter: luke.hutch@gmail.com Distribution: ---
I had a Windows virus, running in WINE, wipe a large chunk of one of my Linux hard drives before I realized it and stopped the damage. Windows antivirus software is too complex to run in WINE, so all Windows applications run in WINE may damage a user's home directory. This leads to a very uneasy feeling whenever I launch any Windows application in WINE on Linux.
There are now many ways to sandbox Linux applications, via a series of fairly new Linux kernel features, and also due to some libraries and systems built on top of these new isolation mechanisms. Please see my request here in the RedHat bug tracker:
https://bugzilla.redhat.com/show_bug.cgi?id=1179507
It would actually be much better to fix this upstream in Wine than have just one vendor (RedHat) fix this in their distribution.
https://bugs.winehq.org/show_bug.cgi?id=50797
Olivier F. R. Dierick o.dierick@piezo-forte.be changed:
What |Removed |Added ---------------------------------------------------------------------------- CC| |o.dierick@piezo-forte.be Status|UNCONFIRMED |RESOLVED Severity|normal |enhancement Resolution|--- |INVALID
--- Comment #1 from Olivier F. R. Dierick o.dierick@piezo-forte.be --- !!!Always make backups of data you don't want to loose!!!
Hello,
Simple answer: No. This is outside of the Wine project.
The project goal is to provide a Windows environment as close as the real thing as possible, and all development effort goes to mimicking the Windows base OS, working around and overcoming Windows to Linux/MacOS differences, using real use case of Windows applications as a base.
Considering the myriads of possible container formats, the efforts it would take to maintain them and the limited resources of the Wine project, WineHQ.org only provides standard packages for the major distributions.
About Flatpak container format. See bug 47000.
About implementing some kind of run-time sand-boxing mechanism inside wine itself, see bug 49701.
About virus concerns, see bug 11421.
!!!Always make backups of data you don't want to loose!!!
Regards.
https://bugs.winehq.org/show_bug.cgi?id=50797
Gijs Vermeulen gijsvrm@gmail.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Status|RESOLVED |CLOSED
--- Comment #2 from Gijs Vermeulen gijsvrm@gmail.com --- Closing INVALID.
-
WineHQ Bugzilla