Re: Wine securityflaw.

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Sun, 27 Oct 2002, Peter Andersson wrote:

> What is it with you people?
> I was just trying to make a point about the security risks about using wine
> at present.  And you start flameing me?

We're not flaming you. We're just see big flaws with your proposal. We
also proposed alternatives that seem to make more sense to us.

Why don't you study how chroot or jail could be used in combination with
Wine to build a sandbox? As far as I know no-one has tried that and it
is possible that some changes in Wine could make things simpler to set
up. Of course, we won't know until someone actually tries this.

Also, I'm told that jail (available on FreeBSD) is much better than
chroot. chroot only restricts access to files while I believe jail can
also restrict access to other running processes and other system
resources.  Unfortunately I don't think a jail-like functionality is
implemented on Linux. If you were to implement this I'm sure countless
people would be grateful.

http://docs.freebsd.org/44doc/papers/jail/jail.html


Finally you could wrap it up by writing scripts that would make it easy
to run Wine in a sandbox, and restore the sandbox to a clean state after
a program has been run.


-- 
Francois Gouget         fgouget@free.fr        http://fgouget.free.fr/
           Demander si un ordinateur peut penser revient à demander
                          si un sous-marin peut nager.

_______________________________________________
wine-users mailing list
wine-users@winehq.com
http://www.winehq.com/mailman/listinfo/wine-users

[Index of Archives]     [Gimp for Windows]     [Red Hat]     [Samba]     [Yosemite Camping]     [Graphics Cards]     [Wine Home]

  Powered by Linux