And that would achieve what exactly? The exploits won't be the same. The permission structure shouldn't allow it to do anything that would compromise the system. Maybe it can phone home, but to what effect?
Does it necessarily need exploits? I might be wrong, but I believe games running in Wine can access any file your user can. It should still be able to delete, edit or encrypt them. Wine just translates calls, it doesn't create a locked-down container or anything iirc.
Proper permissions would not give the game access to anything it didn't actually need to run. It should be running either as its own user or wine. You don't need a container. How did you think containers get locked down anyway? They run as a user with very limited access.
If you're running it under your current user, theoretically anything your user can do (which usually means all your personal files).
I'm not too sure about Bottles' default security 'cause I use Flatseal so aggressively, but even allowing access to a directory where your games are stored could be a security issue (just for simple malicious things like filling up your drive).
If you're running it under your current user, theoretically anything your user can do (which usually means all your personal files).
That would be poorly configured permissions. There's very little reason you should let any game run under a user's own permissions, especially if you got it from a less than reputable source. Proper permissions would give it only enough access to run, nothing more.
I don't think the workflow is yet streamlined enough to assume a regular user would create a per-game user. That being said, I just checked Bottles' default permissions and it's not horrible, no filesystem access other than the app's.
That being said, it still is gonna be vulnerable to X11 keyloggers like most Linux software is rn.
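To make the disagreement in the thread concrete, the following added example (not code from any commenter or from Wine or Bottles) compares which files under a directory a process could read or modify when it runs as your own user versus as a dedicated account. It assumes plain POSIX mode bits only (no ACLs, no Flatpak sandbox, no root override), and the dedicated uid/gid values are hypothetical.

```python
import os
import stat
import sys

def allowed(st, uid, gids, want):
    """POSIX mode-bit check; want is a mask of 4 (read), 2 (write), 1 (execute).
    ACLs, capabilities and the root override are not modelled."""
    if st.st_uid == uid:
        bits = (st.st_mode >> 6) & 7      # owner class
    elif st.st_gid in gids:
        bits = (st.st_mode >> 3) & 7      # group class
    else:
        bits = st.st_mode & 7             # everyone else
    return bits & want == want

def exposure(root, uid, gids):
    """Return (readable, writable) sets of file paths relative to root for a
    process running as uid/gids. Assumes root itself is reachable."""
    readable, writable = set(), set()
    stack = [root]
    while stack:
        d = stack.pop()
        # Listing a directory needs r, entering it needs x.
        if not allowed(os.lstat(d), uid, gids, 5):
            continue
        for name in os.listdir(d):
            p = os.path.join(d, name)
            st = os.lstat(p)              # lstat: symlinks are not followed
            if stat.S_ISDIR(st.st_mode):
                stack.append(p)
            elif stat.S_ISREG(st.st_mode):
                rel = os.path.relpath(p, root)
                if allowed(st, uid, gids, 4):
                    readable.add(rel)
                # Content can be changed; deletion depends on the parent dir.
                if allowed(st, uid, gids, 2):
                    writable.add(rel)
    return readable, writable

if __name__ == "__main__":
    root = sys.argv[1] if len(sys.argv) > 1 else "."
    GAME_UID, GAME_GID = 61234, 61234     # hypothetical dedicated account
    for label, uid, gids in (("current user", os.getuid(), set(os.getgroups())),
                             ("dedicated user", GAME_UID, {GAME_GID})):
        r, w = exposure(root, uid, gids)
        print(f"{label}: {len(r)} readable, {len(w)} writable files")
```

Run it against a home directory to see how much a separate account alone removes; anything still listed for the dedicated user is world-readable or world-writable and needs its mode tightened.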