this post was submitted on 26 Jan 2024
135 points (94.1% liked)
Piracy: ꜱᴀɪʟ ᴛʜᴇ ʜɪɢʜ ꜱᴇᴀꜱ
54500 readers
720 users here now
⚓ Dedicated to the discussion of digital piracy, including ethical problems and legal advancements.
Rules • Full Version
1. Posts must be related to the discussion of digital piracy
2. Don't request invites, trade, sell, or self-promote
3. Don't request or link to specific pirated titles, including DMs
4. Don't submit low-quality posts, be entitled, or harass others
Loot, Pillage, & Plunder
📜 c/Piracy Wiki (Community Edition):
💰 Please help cover server costs.
Ko-fi | Liberapay |
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
My current setup is a halfway between insanely secure and functionally useless, so take this with a grain of salt;
SELinux on a debian LTS host, VM to something similarly secure (I use arch to try n get the debian LTS stability + arch quick patches but i might be wrong), hosting as s new user per app a wine podman container using x11docker'd xpra2-xwayland option, and gpu pass through it all.
This gives pretty fine grain control to each individual feature your app is allowed to run, and numerous layers in case like 3 of them all concurrently have security flaws.
Eventually I want to look into the feasibility of sliding g-visor in the podman layer, but I figured I should probably make sure I spend some time actually plating games lol