Jokes aside, the fact that Wine defaults to mounting your entire drive to the fake Windows environment is a major security issue. This whole project is a very impressive engineering feat but the user experience is so bad it can have disastrous consequences.
wine also lets windows executables call any syscall of the host, a malware could attempt to detect wine and just call posix syscalls even if you dont mount your drive to the virtual windows enviroment, this also means that flatpak or bubblewrap doesnt do as much as you would hope for
Jokes aside, the fact that Wine defaults to mounting your entire drive to the fake Windows environment is a major security issue. This whole project is a very impressive engineering feat but the user experience is so bad it can have disastrous consequences.
wine also lets windows executables call any syscall of the host, a malware could attempt to detect wine and just call posix syscalls even if you dont mount your drive to the virtual windows enviroment, this also means that flatpak or bubblewrap doesnt do as much as you would hope for
You can install Wine as flatpak. That should solve some of the issue.
Wow. You found a way to make wine’s issues worse by adding the supply-chain risk on top.