this post was submitted on 07 Jun 2025
74 points (98.7% liked)
PC Gaming
11279 readers
426 users here now
For PC gaming news and discussion. PCGamingWiki
Rules:
- Be Respectful.
- No Spam or Porn.
- No Advertising.
- No Memes.
- No Tech Support.
- No questions about buying/building computers.
- No game suggestions, friend requests, surveys, or begging.
- No Let's Plays, streams, highlight reels/montages, random videos or shorts.
- No off-topic posts/comments, within reason.
- Use the original source, no clickbait titles, no duplicates. (Submissions should be from the original source if possible, unless from paywalled or non-english sources. If the title is clickbait or lacks context you may lightly edit the title.)
founded 2 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
By default, Wine/Proton has access to your full Linux filesystem under the virtual
Z:/drive from within the Wine environment, so any dedicated adversary could include your Linux stuff into its data collection. The odds of this already occurring are probably low-ish. You can use bubblewrap raw to start sandboxing resources (e.g. blocking network access or masking directories), or there's a project called sandwine which presumably auto-configures the important stuff through bubblewrap (though I've never gotten around to trying it). Wine itself can also be configured to drop theZ:/drive through itswinecfgtool.Without a dedicated configuration, I'm not sure Wine has any real priority or guarantee about sandboxing your original system from Windows executables, which is also why it's important to remember that Windows malware can still do damage when running on a Linux system. The malware doesn't really even have to be aware that it's running in Wine if it just tries to encrypt any files it can reach.
This is why I use flatpak Steam. You might trust Valve but do you trust every third party developer?
Thanks for this, I’ll definitely dig in further