How can I isolate a wine prefix?

[Zohan]

I use a lot of wine prefixes, and I don't like my Linux environment (home) being stuffed or defaced by any Windows application - therefore, I set "Drives" (winecfg) only drive C: and I set no links in "Desktop Integration".

Nevertheless, I often get Windows remnants or installation debris all over my Linux /home. How can I stop Wine from accessing my home directory in any way?

[dimesio]

Remove the Z: drive. That may prevent some apps from working.

[Zohan]

Remove the Z: drive. That may prevent some apps from working.

Actually, this is exactly what I do all the time. The problem is, it does not always work. Somehow programs can escape from the cage, but I have no idea how.

[dimesio]

Can you give a specific example--what program, and where is it writing outside the wineprefix?

[Zohan]

Can you give a specific example--what program, and where is it writing outside the wineprefix?

Hmm, yes. Just an example: A few days ago I tried to install Path Of Exile. I got the POE installer, created a Wine prefix in the usual way (as I have described, deleting the links in winecfg and the drive associations, all but C:). Installing didn't work because program restart failed for some reason, which is quite often the case. It doesn't matter anyway, it was just a try.

Next time I would try a Windows installation and copy the program directory to the Wine prefix.

Anyway - afterwards, I was bound to find the debris of the installation attempt in my Linux /home directory, .dlls, .exes, and a .tmp directory.

It's not really that important, you know, but my home directory is not some program's trash bucket. It's the main location I am working on. Creating files there and deleting is not exactly what I appreciate.

[Zohan]

Installing didn't work because program restart failed for some reason
...
Anyway - afterwards, I was bound to find the debris of the installation attempt in my Linux /home directory, .dlls, .exes, and a .tmp directory.

The more I think about it, the more I come to the idea that these two circumstances are related.

Can someone please comment if this is official behaviour - Wine sometimes writing off place - or a bug to be reported?

[dimesio]

Removing the Z: drive is not recommended; if something doesn't work because of it, that's not a bug.

[klimt]

It's not recommended but it's working

[pmaloney]

Yes, I hate this too. The solution? Run 'winetricks sandbox' right before you start up an application. That will get rid of the links to Documents, Pictures, etc. in your home directory and keep them within the users directory in the wine prefix. The reason I was told to run it every time is that there are certain actions (what, I don't know) that can reset those directories. This keeps things cleaned up for me, especially when I want to move a prefix somewhere else...I know everything is inside it.

I also delete all drives, but C:. The only problem I have there is that I usually have to copy and .EXE into the drive_c directory before I run it (for an install).

Good luck!

-Patrick

[Zohan]

Removing the Z: drive is not recommended; if something doesn't work because of it, that's not a bug.

Hmm. Writing somewhere into the filesystem where is not configured I would not exactly call role model like behaviour.

Is there way of stopping Wine from writing except into its $WINEPREFIX? Somebody experiences with chroot or jail?

[dimesio]

https://bugs.winehq.org/show_bug.cgi?id=31114

[pmaloney]

Removing the Z: drive is not recommended; if something doesn't work because of it, that's not a bug.

Hmm. Writing somewhere into the filesystem where is not configured I would not exactly call role model like behaviour.

Is there way of stopping Wine from writing except into its $WINEPREFIX? Somebody experiences with chroot or jail?

Use 'winetricks sandbox'!!! And...delete the Z: drive. No, it does not deal with the security issue mentioned in that bug, but it will keep non-malware from writing outside the prefix.