https://bugs.winehq.org/show_bug.cgi?id=45419
Bug ID: 45419 Summary: Read-only file system Product: Wine Version: 3.3 Hardware: x86 OS: Linux Status: UNCONFIRMED Severity: enhancement Priority: P2 Component: -unknown Assignee: wine-bugs@winehq.org Reporter: tolikk91@yandex.ru Distribution: ---
Created attachment 61737 --> https://bugs.winehq.org/attachment.cgi?id=61737 for example in UI
Can one make a read-only option for virtual hard disks for better security?
https://bugs.winehq.org/show_bug.cgi?id=45419
--- Comment #1 from Alexandre Julliard julliard@winehq.org --- This wouldn't add any security because the files can always be opened through the Unix path. You should change the permissions at the Unix level instead.
https://bugs.winehq.org/show_bug.cgi?id=45419
Fabian Maurer dark.shadow4@web.de changed:
What |Removed |Added ---------------------------------------------------------------------------- CC| |dark.shadow4@web.de
--- Comment #2 from Fabian Maurer dark.shadow4@web.de --- Well, technically we could for example intercept any write call to files outside of the WINEPREFIX, and prevent them. But if that's wanted is another question, sandboxing isn't one of wine's stated goals - but it could help security.
https://bugs.winehq.org/show_bug.cgi?id=45419
--- Comment #3 from Alexandre Julliard julliard@winehq.org --- It's always possible for an app to do direct syscalls, Wine is not a sandbox and cannot prevent that. It would only offer the illusion of security.
https://bugs.winehq.org/show_bug.cgi?id=45419
Fabian Maurer dark.shadow4@web.de changed:
What |Removed |Added ---------------------------------------------------------------------------- Status|UNCONFIRMED |RESOLVED Resolution|--- |INVALID
--- Comment #4 from Fabian Maurer dark.shadow4@web.de --- So, resolving as invalid.
https://bugs.winehq.org/show_bug.cgi?id=45419
Anastasius Focht focht@gmx.net changed:
What |Removed |Added ---------------------------------------------------------------------------- Summary|Read-only file system |Consider adding 'read-only' | |option for virtual drives | |for better security | |("read-only file system") CC| |focht@gmx.net
--- Comment #5 from Anastasius Focht focht@gmx.net --- Hello folks,
rewording summary. Otherwise it could be also interpreted as a bug report due to read-only filesystems. Please always try to provide a sensible summary line in first place. Bugzilla/Google search engine queries depend on the quality of the ticket fields.
Regards
https://bugs.winehq.org/show_bug.cgi?id=45419
André H. nerv@dawncrow.de changed:
What |Removed |Added ---------------------------------------------------------------------------- CC| |nerv@dawncrow.de Status|RESOLVED |CLOSED
--- Comment #6 from André H. nerv@dawncrow.de --- closing invalid
-
wine-bugs@winehq.org