libreplanet-discuss
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [libreplanet-discuss] Why contains in nonfree that's not ethical?


From: Adam Bolte
Subject: Re: [libreplanet-discuss] Why contains in nonfree that's not ethical?
Date: Thu, 19 Mar 2015 03:08:07 +1100
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Icedove/31.5.0

On 19/03/15 02:14, Michael Siepmann wrote:
> Thanks.  Your thoughts led me to the idea of trying Wine in a
> virtualized instance of GNU/Linux, so any Windows applications would be
> sandboxed and not have access to my physical computer.  (I see at
> http://wiki.winehq.org/FAQ#head-f566a12c806a1eacaeefb7cb6419a513a773c571
> that there are also other ways to achieve sandboxing, with which I'm not
> yet familiar: AppArmor, SELinux).

You could maybe create a separate user account which to sudo -u
wineaccount wine winapp.exe into. That will provide some basic
separation, preventing Wine from accessing your actual home directory.
You could also combine that with SELinux or Apparmor if you wanted to.

You could kick security up a notch with a chroots (perhaps managed via
schroot). While chroot isn't exactly a security tool, you're not running
privileged code so it should help.

And if you still have doubts, you could even look to Docker.
http://fabiorehm.com/blog/2014/09/11/running-gui-apps-with-docker/

All of these should be much faster than a virtual machine, however I
imagine Docker would pretty much restrict you to basic 2D apps if using
the method described in the link.


Attachment: signature.asc
Description: OpenPGP digital signature


reply via email to

[Prev in Thread] Current Thread [Next in Thread]