It doesn’t have any containerization between instances. There is an experimental opt-in setting for it but it’s completely broken. It’s just sandboxed because of flatpak.
The reason I’m asking is that separate wineprefixes will look like a “different wine instance” to a layman, but they’re not the same thing as a sandbox. Wine mounts the host filesystem under the Z: drive, and even beyond that there are probably ways to escape the Wine environment. For true sandboxing some additional layers will be required.
From a security standpoint, yes they can be broken out of, just like a docker or a virtual machine , but they use bubblewrap to isolate environments just like flatpaks. Malicious content aside they are just as isolated and sandboxed as a docker image or vm
Yes, it has different wine instances for each installed application, it uses a flatpak style separation to prevent them from accessing each other.
It doesn’t have any containerization between instances. There is an experimental opt-in setting for it but it’s completely broken. It’s just sandboxed because of flatpak.
The reason I’m asking is that separate wineprefixes will look like a “different wine instance” to a layman, but they’re not the same thing as a sandbox. Wine mounts the host filesystem under the Z: drive, and even beyond that there are probably ways to escape the Wine environment. For true sandboxing some additional layers will be required.
From a security standpoint, yes they can be broken out of, just like a docker or a virtual machine , but they use bubblewrap to isolate environments just like flatpaks. Malicious content aside they are just as isolated and sandboxed as a docker image or vm