Malware on Wine review
Marcel Partap
mpartap at gmx.net
Mon Feb 23 19:14:20 CST 2009
> What about having to mark the exe as +x before Wine will load it? That's
> easilly doable frame any sane filemanager and provides a good level of
> safety.. and Wine already does a good job of making sure installed programs
> get +x.
Wow it actually does, never noticed that up to now :O
The problem would be with one of the more common use case: trying to
start/install a program from an optical disc. The files will not be
marked +x and the directories not be writable.
This problem scenario is also rather specific to WiNE; not an issue
for KDE f.e. whcih yesterday had a related change committed: .desktop
files have to be marked as executable to be run on click now. Lively
discussion about that is still ongoing on kde-core-devel.
Despite from the install-from-cdrom issue, few users that have (been)
switched from windows to linux will know how to chmod +x a file, so
wine would at least have to give them a hint (or even a button) to do
it. But once it becomes easy, they will just get used to clicking it
and not be consciously pondering if the action is safe or not. So
while i think it'd make sense, i doubt it is a practical solution to
require files to have the executable bit.
Maybe a better solution would be to introduce an optional dependency
on ClamAV and tight integration with it - known malware could be
filtered and distributors would have greater interest in contributing
to continuous ClamAV signature updates..
regards marcel.
--
"Obstacles are those frightful things you see when you take
your eyes off your goal." -- Henry Ford (1863-1947)
Change the world! Vote: http://hfopi.org/vote-future
More information about the wine-devel
mailing list