Does anyone have any experience with using Wine under DoD Information Assurance strictures? We believe since Wine casts all the Windows API into Linux it should be allowable but are concerned the IA lockdowns may cripple Wine.
On Thu, Mar 31, 2011 at 12:15 PM, DeiKratos <wineforum-user at winehq.org> wrote:> Does anyone have any experience with using Wine under DoD Information Assurance strictures? > We believe since Wine casts all the Windows API into Linux it should be allowable but are concerned the IA lockdowns may cripple Wine. >As a CISSP employed by the US Government, IA lockdowns would have to be specifically applied to Wine. This will be an effort that is outside the scope of the project, but AJ can chime in to correct me on this. At this time, Wine does have the ability to run specific types of viruses and it would take running an anti-virus program within the base operating system. I do exist on the DoD mailing list if you wish to discuss this in a forum that is not open to the public. James McKenzie
Really the first question is why is Wine required. Since for a secure OS everything should be open to be audited. So should equal no closed source applications. So having to use wine really is strike 1 against you. IA lockdowns can cripple any application if done wrong. Wine is not unique in this regard. Applications running inside wine may require particular features. Applications running inside wine only ask for particular features as they need them. Wine have many copies of wine installed. So 1 copy of wine per application required can be done and secuirty wrapped matching that. Basically nothing about Wine design prevents DoD Information Assurance being passed. But nothing about wine helps either. Resources would be handy to improve wine support for secuirty so making items like DoD Information Assurance simpler to pass.