jeffz wrote: > vitamin wrote: > >> jeffz wrote: >> >>> It never sandboxed anything, even if you removed Z: >>> >> It does. Only it's not 100% foolproof. Wine does not use virtualization which is required to completely sandbox windows apps. >> > > > "sandbox" implies intentional security, is what I meant. > Wine is NOT intentionally secure. It can and will do EVERYTHING that the calling user can do in the base operating system. This has been a long subject of discussion on wine-devel in relationship to running viruses and other malware. If you need that level of security, you really need to invest in: 1. A machine that you can completely destroy (and I mean destroy as in it will be junk when you get done.) 2. A virtualization system that will 'sandbox' off what you are doing from the rest of the system. Wine is not and cannot be either of these. James McKenzie
