Max-P
link
fedilink
91Y

It’s not a sandbox, even though it somewhat acts like one.

There’s not a whole lot preventing a Windows exe from containing Linux code and executing it and effectively “breaking out” of the “sandbox”. Wine presents a Windows compatible view of the system but there isn’t anything really locking it down/preventing the executable from calling the Linux functions instead. It mostly just converts between the PE and ELF binary formats and provides the Windows libraries and interfaces.

So, it has a slight sandboxing effect but it’s essentially security through obscurity and Windows programs generally not expecting to have a whole Linux environment available.

A real sandbox enforces restrictions and makes it so you have to exploit the sandbox to break out of it. A good chunk of Wine is just Windows DLLs built with Linux awareness to do the plumbing, there’s no clear solid separation of both worlds.

Create a post

Gaming on the GNU/Linux operating system.

Recommended news sources:

Related chat:

Related Communities:

Please be nice to other members. Anyone not being nice will be banned. Keep it fun, respectful and just be awesome to each other.

  • 0 users online
  • 18 users / day
  • 139 users / week
  • 381 users / month
  • 1.43K users / 6 months
  • 1 subscriber
  • 864 Posts
  • 9.23K Comments
  • Modlog