Since this is in my regular Fedora 24 template, won't this codebase be included
in every app VM I run, whether I'm running PlayOnLinux in that app VM or not?
yes
Presumably none of that code would be running,
so there should be no problem (at least i can't see any problems)
but it would still be accessible to malware that wanted to call it.
for this the malware does need remote code execution.
if it has remote code execution it simply can call
sudo dnf install -y playonlinux
it also could download anything and simply execute it as root.
(root has no password)
so not having something installed does not protect you if you would not call it
anyways.
it does protect you from user errors. e.g.:
you have some malicious pdf in a vm.
if you have noting to open the pdf, you can't accidentally open it and corrupt
your vm.
--
You received this message because you are subscribed to the Google Groups
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/qubes-users/af70957f-600e-8bbc-dd72-c240d3972e4b%40openmailbox.org.
For more options, visit https://groups.google.com/d/optout.
