Hello All,
Is there some where that I can read docs that talk about the directory mapping sub-system?
In particular, I am interested in the way that you can "map" user directories in the configuration file in a users HOME directory.
What I am thinking about is how one might use this same idea to "Jail" Linux user directories so that users cannot navigate out of their home directory as a security feature.
Just playing with ideas, but I thought that the Wine sub-system might offer a great feature for this in that applications could not do anything even if they were to "Break" Out" as they would be going through a translation layer just like the Window applications but onlu still being Linux applications.
Any ideas on this?
Thanks, Lonnie
Lonnie Cumberland wrote:
Just playing with ideas, but I thought that the Wine sub-system might offer a great feature for this in that applications could not do anything even if they were to "Break" Out" as they would be going through a translation layer just like the Window applications but onlu still being Linux applications.
Any ideas on this?
A Win32 program running on Wine could detect that it was really running under linux, and then do linux syscalls directly. So theoretically, Wine itself has no hard measure of protection. However, you can define the Wine drives to point to someplace innocent, you can run Wine as a separate unix user, and I guess you can use the usual chroot or jailroot or whatever they are called.
regards, Jakob
-
Jakob Eriksson -
Lonnie Cumberland