Tiny Core Linux

General TC => General TC Talk => Topic started by: Ulysses_ on December 17, 2011, 06:54:28 AM

Title: Maximise restrictions of chrooted wine
Post by: Ulysses_ on December 17, 2011, 06:54:28 AM

Some people recommend running any essential windows applications under a severely restricted user account, just for wine. Using chroot too would make an even more restricted environment that can be disposed of, if malware is suspected.

Has anyone come up with a systematic method for determining the absolute minimum of files and hardware access required by an application? You guys creating extensions must have a method. Surely there is more to it than just looking at file access timestamps? How would you tell what hardware access is required?

Title: Re: Maximise restrictions of chrooted wine
Post by: curaga on December 18, 2011, 02:14:02 AM

Wine only needs X (2d) and DRI (3d) access depending on your app. You can have a very limited /dev in the chroot.