I’m feeling a bit nostalgic and wanted to play some of the old COD games, and noticed that remote code execution exploits such as CVE-2018-20817 exist and seem to be unpatched. So I was wondering if this exploit affects or can be mitigated when running through Proton?
As I assume most of these exploits are intended for Windows systems, I’d assume it would be fairly harmless if I could disable mounting the default root filesystem and external drive mounts to the prefix. Digging through winetricks/protontricks I haven’t managed to find such an option though.
I’m aware it isn’t designed to be a sandbox, I’m just betting that the typical exploiter wouldn’t target wine past writing stuff into mounted filesystems. So at most they’d wreck the proton prefix and perhaps spawn a few processes within it.
Your root disk is usually mounted at Z: so any ransomware could just encrypt that