Remix.run Logo
Remix clone Hacker News
new | show | ask | jobsGithub
wao0uuno 2 hours ago

Running games on Linux via Proton provides some isolation. It’s not technically a proper sandbox though.

parasense an hour ago | parent | next [-]

Proton is just emulation, and it will happily expose the underlying host system to the running game software. In particular the filesystem and some peripheral devices. However, Valve is moving towards sandboxing in Steam. You can already run the whole thing with a flatpak sandbox, and valve themselves are using ostree. With srvio is possible to run the whole thing in a throwaway windows vm while the graphics card is passed through

sophrosyne42 an hour ago | parent [-]

This is why it was foolish to give a new name to it. It was originally called Wine Is Not an Emulator.

zufallsheld 30 minutes ago | parent [-]

It's not a new name. Proton is Valve's fork of wine. They also contribute patches to wine.

unethical_ban 7 minutes ago | parent [-]

I think their point is proton is not an emulator.

q3k an hour ago | parent | prev | next [-]

You can just use Linux syscalls from an .exe executed by Wine. There is no sandboxing.

https://gist.github.com/q3k/e5952111283ea59ee78a7699919a055b

SuperNinKenDo 2 hours ago | parent | prev [-]

Anything that wants to traverse your filesystem could do so trivially from a wineprefix, but stuff like sniffing your browser extensions might be harder depending on the technique.