WelcomeWelcome | FAQFAQ | DownloadsDownloads | WikiWiki

Author Topic: Maximise restrictions of chrooted wine  (Read 1412 times)

Offline Ulysses_

  • Full Member
  • ***
  • Posts: 232
Maximise restrictions of chrooted wine
« on: December 17, 2011, 06:54:28 AM »
Some people recommend running any essential windows applications under a severely restricted user account, just for wine. Using chroot too would make an even more restricted environment that can be disposed of, if malware is suspected.

Has anyone come up with a systematic method for determining the absolute minimum of files and hardware access required by an application? You guys creating extensions must have a method. Surely there is more to it than just looking at file access timestamps? How would you tell what hardware access is required?
« Last Edit: December 17, 2011, 07:34:29 AM by Ulysses_ »

Offline curaga

  • Administrator
  • Hero Member
  • *****
  • Posts: 10957
Re: Maximise restrictions of chrooted wine
« Reply #1 on: December 18, 2011, 02:14:02 AM »
Wine only needs X (2d) and DRI (3d) access depending on your app. You can have a very limited /dev in the chroot.
The only barriers that can stop you are the ones you create yourself.