Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

The Linux root is more insulated if your application is in a VM, but running other Windows services broadens the attack surface.


Any problems running Linux in a VM then Wine within that?


Kind of negates the purpose of even using wine. If your running a windows machine to run a Linux VM then you might as well install straight to Windows and not deal with the underpowered VM


>If your running a windows machine to run a Linux VM then you might as well install straight to Windows and not deal with the underpowered VM

Given the context, I don't believe mark-r was talking about using a Windows host for the Linux VM.


Right, I was talking about Linux under Linux.


Also, last time I tried, the virtual graphics cards in the vm were much less powerful than a fully drivered up raw graphics card even on Linux, unless I was doing something wrong?


This has actually changed. A friend of mine plays all modern games with sometimes even better FPS using the PCI passthrough in QEMU[1], I have to say it's a pretty impressive setup and I've played Witcher 3 with Arch Linux + QEMU + Windows 7, solid 60fps with ultra graphics.

[1] https://wiki.archlinux.org/index.php/PCI_passthrough_via_OVM...


Very bookmarked!


I assume Windows in the VM would have the same problem. I guess that would be the biggest reason for avoiding a VM, if you're trying to run a game.


I've never tried this, but I know that Wine doesn't use VT-x so I think it would work better than nested VMs.

I don't know how much sandboxing Wine provides, so it might not be necessary to do this.


I was asking because the parent post seemed to be concerned about untrusted Windows binaries. A VM gives you the ultimate sandbox (even if it's not perfect).




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: