https://bugs.winehq.org/show_bug.cgi?id=56310

Bug ID: 56310 Summary: Isolate Filesystem from Wine Product: Wine Version: unspecified Hardware: x86-64 OS: Linux Status: UNCONFIRMED Severity: enhancement Priority: P2 Component: -unknown Assignee: wine-bugs@winehq.org Reporter: doomsdayrs@gmail.com Distribution: ---

## Background

Currently, Wine by default allows Windows programs full access to the Linux file system.

This, is of course inherently insecure and exposes the system to being vulnerable to malware.

This is also not ideal for Atomic Systems such as Fedora GNOME Atomic, in which Wine is installed via Flatpak.

## Solution

Isolate Wine from the filesystem by not mounting all drives to Wine.

## Side effects

The User can no longer access drives and storage outside of wine by default.

## Side effect solution

There are a few methods to solving this issue.

- Provide an option in the Wine File Picker to open the XDG File Chooser instead. Documentation here: https://flatpak.github.io/xdg-desktop-portal/docs/doc-org.freedesktop.portal... - Provide an option to select directories in Wine Config. (Possible blocker is that there does not seem to be a way currently to have persistent access to a directory) - File Manager integration, providing a "Wine" or "Windows" section similar to how NextCloud does with it's nautilus integration.