Wine/PlayOnLinux Best Practices
mojosam
I was rather shocked to see that PlayOnLinux hogs 800 MB on my hard drive. I guess there's support in there for just about every freaking service that any Windows application might want. I had just assumed that that stuff would be installed on an as-needed basis (Maybe standalone Wine does this?).
This got me thinking about attack surface. Since this is in my regular Fedora 24 template, won't this codebase be included in every app VM I run, whether I'm running PlayOnLinux in that app VM or not? Presumably none of that code would be running, but it would still be accessible to malware that wanted to call it.
Related to that, if I am using a PlayOnLinux application, then whole hunks of that codebase would now be running in that app VM, so any preexisting malware/bugs would now be alive and fermenting within the app VM.
To minimize these effects, I'm now thinking that the best thing to do is to install PlayOnLinux in a standalone VM and run all of its applications in that VM only.
I'd kind of like to minimize the rampant spread of standalone VMs in my system, but it seems like this one might be justified.
Reg Tiangha
the wine stuff. That's what I do. But, those are different paths up the
same mountain. I just make it a TemplateVM rather than standalone to get
all the benefits of the Template/AppVM model. All the user PlayOnLinux
stuff gets stored in /home anyways and I have the free disk space, so
why not?
Franz
--
You received this message because you are subscribed to the Google Groups "qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscribe@googlegroups.com.
To post to this group, send email to qubes...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/o6oid8%24i06%241%40blaine.gmane.org.
john.david.r.smith
> Since this is in my regular Fedora 24 template, won't this codebase be included in every app VM I run, whether I'm running PlayOnLinux in that app VM or not?
> Presumably none of that code would be running,
> but it would still be accessible to malware that wanted to call it.
if it has remote code execution it simply can call
sudo dnf install -y playonlinux
it also could download anything and simply execute it as root.
(root has no password)
so not having something installed does not protect you if you would not call it anyways.
it does protect you from user errors. e.g.:
you have some malicious pdf in a vm.
if you have noting to open the pdf, you can't accidentally open it and corrupt your vm.
mojosam
> you have some malicious pdf in a vm.
> if you have noting to open the pdf, you can't accidentally open it and corrupt your vm.
Isn't that the concept behind "attack surface"? If the code is there, something malicious might have the ability to call it. I think there was malware that was recently discovered that could exploit the floppy disk controller in either VMware or VirtualBox.
The bigger practical concern is that PlayOnLinux expanded my template by 800 MB. Is all of that cruft duplicated on the hard drive for every VM, or is it just accessed from the template as needed when the VM is activated?
Reg Tiangha
your AppVMs are based on the same TemplateVM and PlayOnLinux installed
it in the root partition. Clearly, it needs to do so when you first
install the package, but all of your programs that you install in Wine
including different Wine versions, libraries, etc once you start the
PlayOnLinux client all get stored in /home/user/.PlayOnLinux and those
are only accessible through the AppVM that you launched it from. A
different AppVM based on the same TemplateVM wouldn't be able to access
those apps unless you were to reinstall them on the new AppVM as well.
bassmei...@gmail.com
>
It's been a while since I used wine (I prefer just using an HVM for this) and PlayOnLinux, but here's the gist:
wine and wine dependencies are relatively light, but will create a "windows" simulated directory under ~/.wine which holds all the actual app executables.
Wine would go in TemplateVM and run in an AppVM. It WILL eat up space in the AppVM.
PlayOnLinux creates (Last time I used it) MULTIPLE windows directories (one for each app?) on the AppVM, which eats a ton of space. You probably only need PlayOnLinux if you are actually running a DirectX game etc. PlayOnLinux includes EVERY addon to Wine (Wine->OSS->PulseAudio) with patches to make specific applications work.
If you can get it running in just Wine, you can select which extensions get installed.
As for security, imagine my surprise when my Linux desktop started popping up malware ads, which ran quite happily in Wine.
john.david.r.smith
>> it does protect you from user errors. e.g.:
>> you have some malicious pdf in a vm.
>> if you have noting to open the pdf, you can't accidentally open it and corrupt your vm.
>
> Isn't that the concept behind "attack surface"? If the code is there, something malicious might have the ability to call it. I think there was malware that was recently discovered that could exploit the floppy disk controller in either VMware or VirtualBox.
the case is:
- there is something malicious
- it can execute code
hence it can install everything it wants to and exploit it (but that is not even necessary, since it only needs remote code execution to do anything it wants to do)
in this case we already executed something and caused the malicious code to become active (e.g. opened it with a program)
the case i mentioned was:
- there is something containing malicious code (e.g. a pdf)
- the code can't activate, since no piece of software parses this code
the attack surface is created by the code you execute rather the code that is on the system.
this is the case, because you only need remote code execution to own a qubes vm. (instead of remote code execution + privacy escalation)
the only advantage of not installing software is: you can't be able to accidentally execute it and activate some malicious code (but here your action would extend the attack surface)
at least this is my understanding of the situation.
> The bigger practical concern is that PlayOnLinux expanded my template by 800 MB. Is all of that cruft duplicated on the hard drive for every VM, or is it just accessed from the template as needed when the VM is activated?
if it is somewhere on /rw (e.g. /home/user) each cloned vm will have a duplicate.
if play on linux downloads the stuff after its first execution, you can simply only execute it in vms using play on linux.
mojosam
Precisely my concern!
I will probably eventually create a Windows HVM and just run necessary stuff in there. I didn't want to run an entire instance of Windows just to run the Kindle app.
As for my experience yesterday attempting to set all of this up, it was not pleasant. It took me many hours. Maybe half of that was learning where and how Qubes deals with installed software. That really does complicate things. Beyond that, I encountered numerous bugs and many crashes with PlayOnLinux and Kindle. I don't know how people can think POL (and presumably Wine) is a viable option.
What this has (re)taught me is the evils of DRM. There are a lot of books that are Kindle only. If I don't want the dead tree version, I'm stuck with Kindle. I live in a country (USA) that is very hostile to fair use. I'm now investigating DRM removal techniques. If that works out, I'm purging this disaster that is POL and Kindle app.
bassmei...@gmail.com
There's a good chance you don't need to just for Kindle. I've run many applications in bare Wine, until I found good replacements for them.
>
> I don't know how people can think POL (and presumably Wine) is a viable option.
As I mentioned above, they aren't actually 1:1 in terms of working or not working. Wine works, the caveat is that you have to make it work with your app, which can be a real PITA.
>
> What this has (re)taught me is the evils of DRM. There are a lot of books that are Kindle only.
I believe for a while I was able to use Chrome and the Kindle store to read kindle books? Perhaps that's an option.
As for DRM, well that's why I still buy physical books. The ones who really suffer are the authors, since DRM forces so many people who would have paid for the content to find an alternative that works.
I used to use a lot of commercial software on Windows, but after two years the validation servers would cease to exist and my apps went *p00f*. Thousands of dollars of unusable software. I've since happily spent money for apps and media that don't require DRM. I won't buy anything with DRM. Vote with your wallet.
Franz
--
You received this message because you are subscribed to the Google Groups "qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscribe@googlegroups.com.
To post to this group, send email to qubes...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/f449c819-592c-4eaf-95fb-de31cdf32741%40googlegroups.com.