> On May 1, 2023, at 17:30, James <[email protected]> wrote:
>
>
>
>> On 2 May 2023, at 2:18 am, Richard L. Hamilton <[email protected]> wrote:
>>
>> Sure, a disposable, isolated environment (esp. one meant for extreme uses,
>> like a Kali Linux VM) is great for suspicious software...or for testing less
>> than robust software with possibly maliciously crafted input. Certainly NOT
>> the example I had in mind, although one might argue that XMP or EXIF (as
>> applicable) library exploits might make my example risky depending on the
>> files being processed.
>>
>> But by that criteria, anything but (maybe) a binary file editor with no size
>> or content restrictions beyond what the operating system allows could be
>> vulnerable to maliciously crafted input files, which doesn't even count that
>> it just might be possible to construct a file name that is an attack on the
>> OS itself, given complications like UTF-16 normalization, etc.
>>
>> So IMO the question isn't whether you're running a program (that works fine
>> in its own environment) in yours with a VM vs some less isolating means, but
>> whether you'd want to run the program (or run it on certain input) at all
>> even if it was native, in a valuable environment. I don't know if for
>> example Wine could be modified to incorporate (invisibly to what it ran)
>> additional macOS security features like sandboxing, which would make
>> something run under it not much more dangerous than a native app.
>>
>> TL/DR: I wouldn't run something that I downloaded and didn't have some
>> confidence in (recommendations from reputable sites, original download site,
>> maybe even signed) regardless of whether it was native, in Wine, or in a VM,
>> unless I was in the business of (properly and carefully) testing software
>> that didn't even meet that minimum standard of trusted-ness.
>>
>>> On May 1, 2023, at 09:47, Sean McLinden <[email protected]> wrote:
>>>
>>>
>>> Yeah, as long as you aren't analyzing malware. WannaCry in Wine could
>>> encrypt the contents of the user's HOME directory.
>>>
>>> ----- Original Message -----
>>> From: "Richard L. Hamilton" <[email protected]>
>>> To: "Sean McLinden" <[email protected]>
>>> Cc: "Christoph Kukulies" <[email protected]>, "macports-users list"
>>> <[email protected]>
>>> Sent: Monday, May 1, 2023 7:44:22 AM
>>> Subject: Re: Wine
>>>
>>> Sure, but for some things Wine is good enough and even better. Back in
>>> Mojave (32-bit support) and earlier, one could use WineBottler to make a
>>> Mac app using Wine that invoked a Windows program. I had that for
>>> abc_tags.exe, which is more convenient than VLC for fixing batches of
>>> mis-tagged AVI files. No need to fire up a full VM for that. And yes, I
>>> have Parallels and VirtualBox and other virtualization products for other
>>> platforms; nothing against full virtualization, but sometimes it's overkill.
>>>
>>>> On May 1, 2023, at 07:11, Sean McLinden <[email protected]> wrote:
>>>>
>>>>
>>>> If you don't mind spending a few bucks, Parallels Desktop for Mac supports
>>>> a full-featured Windows 11 VM.
>
> I've been vaugely following this thread, for the reasons you advocate why not
> crossover office. Certainly they have been good to me over the years
> James
Costs more than Parallels, so I don't see the point. A free wine to run
selected Windows apps known to work with it, sure. But a paid one at a fairly
high price? Not me.
