On Sun, 27 Oct 2002, Peter Andersson wrote:
What is it with you people? I was just trying to make a point about the security risks about using wine at present. And you start flameing me?
We're not flaming you. We're just see big flaws with your proposal. We also proposed alternatives that seem to make more sense to us.
Why don't you study how chroot or jail could be used in combination with Wine to build a sandbox? As far as I know no-one has tried that and it is possible that some changes in Wine could make things simpler to set up. Of course, we won't know until someone actually tries this.
Also, I'm told that jail (available on FreeBSD) is much better than chroot. chroot only restricts access to files while I believe jail can also restrict access to other running processes and other system resources. Unfortunately I don't think a jail-like functionality is implemented on Linux. If you were to implement this I'm sure countless people would be grateful.
http://docs.freebsd.org/44doc/papers/jail/jail.html
Finally you could wrap it up by writing scripts that would make it easy to run Wine in a sandbox, and restore the sandbox to a clean state after a program has been run.