Wine securityflaw.
Vincent Béron
vberon at mecano.gme.usherb.ca
Thu Oct 31 09:46:37 CST 2002
Marcus Meissner wrote:
> On Thu, Oct 31, 2002 at 11:10:33AM -0300, Raul Dias wrote:
>
>>My $0.02,
>>
>>I always though of a wine as way to run windows apps
>>better than windows.
>>
>>Better also means "more secure" for me.
>>
>>A way to make it more secure is to catch key API calls and decide if
>>the application is allowed to run it or not.
>>
>>This would be easy to detect if an application is trying to delete
>>a file, to open a network connection, or anything that could be
>>possible unsafe if not used correct.
>
>
> ...
>
> The whole issue can probably addressed by very simple sandboxing:
>
> Just use a WINE pseudo user.
>
> Then WINE and the windows applications can do only damage within
> the pseudo user context, which should be harmless.
>
> Automated cleanup (like cron based kills or similar) would be easy.
>
>
> Drawback: Does not scale well to a multi user system.
>
> Ciao, Marcus
>
>
And, as all sandbox designs, is not very practical to use, even for a
single user. I'm talking access to documents, etc.
And nothing prevents a rogue app to either access the network (and send
stuff you feed it), or wipe your fake windows.
OTOH, the potential damage is still somewhat contained.
In the end, I'd say don't expect any more security than what the host OS
can already provide to you.
Vincent
More information about the wine-devel
mailing list