this post was submitted on 26 Jan 2024
134 points (94.1% liked)
Piracy: ꜱᴀɪʟ ᴛʜᴇ ʜɪɢʜ ꜱᴇᴀꜱ
54566 readers
504 users here now
⚓ Dedicated to the discussion of digital piracy, including ethical problems and legal advancements.
Rules • Full Version
1. Posts must be related to the discussion of digital piracy
2. Don't request invites, trade, sell, or self-promote
3. Don't request or link to specific pirated titles, including DMs
4. Don't submit low-quality posts, be entitled, or harass others
Loot, Pillage, & Plunder
📜 c/Piracy Wiki (Community Edition):
💰 Please help cover server costs.
Ko-fi | Liberapay |
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
And that would achieve what exactly? The exploits won't be the same. The permission structure shouldn't allow it to do anything that would compromise the system. Maybe it can phone home, but to what effect?
Does it necessarily need exploits? I might be wrong, but I believe games running in wine can access any file your user can. It should still be able to delete, edit or encrypt them. Wine just translates calls, it doesn't create a locked down container or anything iirc
Proper permissions would not give the game access to anything it didn't actually need to run. It should be running either as it's own user or wine. You don't need a container. How did you think containers get locked down anyway? They run as a user with very limited access.
If youre running it under your current user, theoretically anything your user can do (which usually means all your personal files)
I'm not too sure bottle's default security cause I use flatseal so aggressively, but even allowing access to a directory where your games are stored could be a security issue (just for simple malicious things like filling up your drive)
That would be poorly configured permissions. There's very little reason you should let any game run under a users own permissions, especially if you got it from a less than reputable source. Proper permissions would give it only enough access to run, nothing more.
I dont think the workflow is yet streamlined enough to assume a regular user would create a per game-user, that being said I just checked bottle's default permissions and its not horrible, no filesystem access other than the app's.
That being said it still is gonna be vulnerable to x11 keyloggers like most linux software is rn