Viruses in the wine-devel archive ??
Shachar Shemesh
wine-devel at shemesh.biz
Fri Aug 22 14:28:26 CDT 2003
P. Christeas wrote:
>Marcus Meissner wrote:
>
>
>>On Fri, Aug 22, 2003 at 06:13:39PM +0300, P. Christeas wrote:
>>
>>
>>>>Yup, here is the message.
>>>>http://winehq.com/hypermail/wine-patches/2003/08/0203.html
>>>>
>>>>I'll remove that attachment. Should we contact that author and let him
>>>>know he is infected, or simply remove him from the list?
>>>>
>>>>
>>>Btw. Does SoBig.F run under wine? If yes, how bad can it get?
>>>
>>>
>>It crashes for me.
>>
>>Ciao, Marcus
>>
>>
>
>OK, we 'll fix wine .. ;)
>
>On the serious side: wine could actually be the perfect platform for security
>tests. Having a virus spread on a pseydo-system is noteworthy..
>
>
We've been through this discussion before too. Wine is not a VM, and the
isolation between Win32 and Unix code is the result of application's
ignorance, rather than a deliberate design decision. As such, it is
highly NOT recommended for cases where hostile code of unknown qualities
is tested.
For all you know, sobig may be checking whether it is runnning on wine,
and then issuing the correct interrupts (static linking dlopen) and
infecting your Unix system.
Shachar
--
Shachar Shemesh
Open Source integration consultant
Home page & resume - http://www.shemesh.biz/
More information about the wine-devel
mailing list