2010/1/9 buratinas <wineforum-user@xxxxxxxxxx>: > I am particularly interested in these issues: > * If I do not connect my filesystem to wine in any way (through winecfg), is there a possibility to untrusted program to read anything outside .wine/drive_c directory? > * Is there any possibility for that program to access internals of my system (like things in /proc, for example currently running processes). > * Is there any way to get information what exact graphics subsystem I am running (e.g. version of X server etc.)? A program running in Wine has all the power of the user it runs as. If you run it as you, it can do anything you can. Wine slightly sandboxes Windows applications, but it *does not* promise security - because it can't promise security. A "Windows" binary running under Wine can still execute an INT 0x80 to run a Linux system call, and break out of .wine and do anything on the system that the user it's running as can do. c.f. ZeroWine, a system for testing viruses and malware (known malicious software) in Wine - it runs Wine in Debian in QEMU, completely isolated from the host system, to avoid it doing anything horrible. - d.