WineHQ
Wine Forums

Board index » WineHQ » Wine Help » Linux




 Page 1 of 1 [ 5 posts ] 



 
Author Message
 Post Posted: Tue Sep 19, 2017 12:36 am 
Offline
Level 1
Level 1

Joined: Wed Aug 09, 2017 7:19 am
Posts: 7
Location: Australia
Hi,

I am executing an wine program but it has access to the root folder of the host.

How can I remove this access ? I have already checked that .wine/dosdevices/ links are not pointing to the root folder.

Regards


Top 
 Post Posted: Tue Sep 19, 2017 2:43 am 
Offline
Level 2
Level 2

Joined: Thu Aug 14, 2014 10:10 am
Posts: 25
Did you remove the links in dosdevices by hand or in winecfg?

<Edit>
never mind, the root folder is still accessible after I removed the Z drive in winecfg
</Edit>


Top 
 Post Posted: Tue Sep 19, 2017 3:52 am 
Offline
Level 2
Level 2

Joined: Thu Aug 14, 2014 10:10 am
Posts: 25
Does winetricks sandbox option do what you want?


Top 
 Post Posted: Tue Sep 19, 2017 7:12 am 
Offline
Moderator
Moderator
User avatar

Joined: Tue Mar 25, 2008 10:30 pm
Posts: 11670
Removing the z: symlink removes the ability to read or write files outside the wineprefix, however, the directories and files will still be visible in Wine explorer and winefile. There is no way to prevent that.


Top 
 Post Posted: Wed Sep 20, 2017 12:30 am 
Offline
Level 2
Level 2
User avatar

Joined: Sat Sep 02, 2017 12:30 am
Posts: 20
Hi. Technically this isn't wine, but I want to help :-)

It would probably help if you told us why this matters. If your user account has access, then something running as you will have that access, regardless if it's vi or wine... and just because your app can see the root directory, doesn't mean you can access or change something your user account doesn't have rights for.

If you truly need something to not see something else, no amount of sandboxing or chroot'ing will help you. That's not how computers work. If you need access to something to make the app (or the OS itself) function, you can't then turn around and block it from access.

If it's a safety thing, like you're playing around with viruses and wanting to see how they work in a live environment, get a separate PC and run them there, where you can wipe the usb stick or HDD when you're done and re-image from a backup.

Container virtualization is considered a secure way to do it. Are you familiar with lxc? The idea is, it's a bit more isolated than a chroot, but not the overhead of running a full separate guest OS. Lots of companies do it this way. (there's a Capitalist product Docker that many sysadmins love, that has a community edition since it was initially open source.)

Of course you can just install said app in a guest windows image, or a guest linux running wine image, for your hypervisor of choice. ie. there's plenty of tools to copy your system into an image to virtualize, ex: virt-p2v-make-disk.

Again, if you share why seeing the root fs is bad, we could answer more accurately. This is the best I can do without details.

Good luck!


Top 
Display posts from previous:  Sort by  
 
 Page 1 of 1 [ 5 posts ] 




Board index » WineHQ » Wine Help » Linux


Who is online

Users browsing this forum: cauhape and 7 guests

 
 

 
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to: