On Mon, Jan 30, 2017 at 8:31 PM, Reg Tiangha <r...@reginaldtiangha.com> wrote:
> On 2017-01-30 03:48 PM, mojosam wrote: > >> I am in the process of installing PlayOnLinux into my Fedora 24 >> template. Currently, my only use for it is the Kindle app. I suspect I'll >> find further need for it in the future. My original plan was to just use >> the Kindle app in one of my existing app VMs. In the future, I might want >> some other application available in a different app VM. >> >> I was rather shocked to see that PlayOnLinux hogs 800 MB on my hard >> drive. I guess there's support in there for just about every freaking >> service that any Windows application might want. I had just assumed that >> that stuff would be installed on an as-needed basis (Maybe standalone Wine >> does this?). >> >> This got me thinking about attack surface. Since this is in my regular >> Fedora 24 template, won't this codebase be included in every app VM I run, >> whether I'm running PlayOnLinux in that app VM or not? Presumably none of >> that code would be running, but it would still be accessible to malware >> that wanted to call it. >> >> Related to that, if I am using a PlayOnLinux application, then whole >> hunks of that codebase would now be running in that app VM, so any >> preexisting malware/bugs would now be alive and fermenting within the app >> VM. >> >> To minimize these effects, I'm now thinking that the best thing to do is >> to install PlayOnLinux in a standalone VM and run all of its applications >> in that VM only. >> >> I'd kind of like to minimize the rampant spread of standalone VMs in my >> system, but it seems like this one might be justified. >> >> > Or rather than a standalone VM, you make a separate TemplateVM just for > the wine stuff. That's what I do. But, those are different paths up the > same mountain. I just make it a TemplateVM rather than standalone to get > all the benefits of the Template/AppVM model. All the user PlayOnLinux > stuff gets stored in /home anyways and I have the free disk space, so why > not? > > I do the same. you ha the additional advantage that you may install different windows programs in different userVMs. > -- > You received this message because you are subscribed to the Google Groups > "qubes-users" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to qubes-users+unsubscr...@googlegroups.com. > To post to this group, send email to qubes-users@googlegroups.com. > To view this discussion on the web visit https://groups.google.com/d/ms > gid/qubes-users/o6oid8%24i06%241%40blaine.gmane.org. > > For more options, visit https://groups.google.com/d/optout. > -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/CAPzH-qBiwQMXay9JUbfBwg1U5Awiio1SipXg47-zuMrT5zsrnw%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
