Wine securityflaw.
Raul Dias
chaos at swi.com.br
Thu Oct 31 15:44:16 CST 2002
Greg Turner <gmturner007 at ameritech.net> wrote:
>On Thursday 31 October 2002 08:10 am, Raul Dias wrote:
>> My $0.02,
>>
>> A way to make it more secure is to catch key API calls and decide if
>> the application is allowed to run it or not.
>
>not a bad idea.
>
>> Wine could implement a clean Security Layer: YES
>
>Clean, perhaps, but secure? That depends on what you are trying to
>achieve: since the unix API is available to apps running under wine,
>such measures will only secure applications which don't specifically
>check for wine and circumvent its api-level security measures.
>
>So, for example, this could be used to protect a system against security
>flaws in Internet Exploder or Outlook... but a malicious virus writer
>could work around winapi-based security provisions, as discussed
>earlier in this thread.
In this case I agree that the OS should provide the security layer,
not wine.
Wine should provide security only for (or "at least for") WIN32 API
flaws.
[]'s
Raul Dias
>
>--
>gmt
>
>"The purpose of government is to rein in the rights of the people"
> --President Bill Clinton, MTV interview, 1993
>
More information about the wine-devel
mailing list