Malware on Wine review

Ben Klein shacklein at gmail.com
Tue Feb 24 18:54:26 CST 2009


2009/2/25 Chris Robinson <chris.kcat at gmail.com>:
> On Tuesday 24 February 2009 3:46:53 pm Paul Chitescu wrote:
>> My FAT partitions disable +x through file mode mount option since I don't
>> want the kernel to attempt to identify and execute every unknown file I
>> happen to open/click/hit enter. On those partitions there are no POSIX
>> executables but plenty of Win32 ones - many of them shared between Windows
>> and Wine.
>
> If you want to execute something (Wine or otherwise), why set -x?  If you set
> a file to be -r, would you expect to read it in Wine, still? Or if it's -w,
> would you expect Wine apps to be able to write to it? Of course you wouldn't,
> so why should x be different?
>
> If you require an exe to be +x, it becomes quite a bit more difficult to
> unintentionally run it. Unsolicited files do not get +x, thus it's impossible
> to execute them, accidentally or carelessly (sans the .desktop file issue that
> has come up, again, recently). If you ignore the +x, then all it takes is a
> mis-click on an email or some other simple mistake.

"Unsolicited" files will get +x with default mount options on vfat/fat
partitions, because ALL files on such partitions get +x this way.

I would at least like to see Wine respect noexec, if possible. I
understand concerns about Wine respecting +x, due mainly to CD-based
installers that may or may not have +x set on the files, but I think
it would also be the *correct* thing to do. Possibly have some
registry entry disable the +x check? This would be particularly useful
on a per-application basis, allowing the construction of a whitelist.



More information about the wine-devel mailing list
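
The launch check proposed in the message above (respect `noexec`, require +x, allow a per-application exemption from the +x check), as an added example that is not part of the original post and is not Wine's code. The names `verdict`, `decide`, `check_launch` and `xbit_exempt`, and the whitelisted path, are hypothetical; a static array stands in for the suggested registry entry.

```c
#include <stdbool.h>
#include <stdio.h>
#include <string.h>
#include <sys/stat.h>
#include <sys/statvfs.h>
#ifndef ST_NOEXEC      /* glibc hides it unless _GNU_SOURCE is set */
#define ST_NOEXEC 8    /* Linux value of the flag */
#endif

enum verdict { ALLOW, DENY_NOEXEC_MOUNT, DENY_NO_XBIT, DENY_ERROR };

/* Hypothetical stand-in for the per-application registry whitelist: these
 * paths skip the +x check but are still subject to noexec. Constructed. */
static const char *const xbit_exempt[] = { "/media/cdrom/setup.exe", NULL };

static bool is_exempt(const char *path)
{
    for (size_t i = 0; xbit_exempt[i]; i++)
        if (strcmp(path, xbit_exempt[i]) == 0)
            return true;
    return false;
}

/* Pure policy: noexec always wins; a missing x bit denies unless exempted. */
enum verdict decide(bool noexec_mount, bool has_xbit, bool exempt)
{
    if (noexec_mount)
        return DENY_NOEXEC_MOUNT;
    if (!has_xbit && !exempt)
        return DENY_NO_XBIT;
    return ALLOW;
}

/* Gather mount flags and mode bits for one file, then apply the policy. */
enum verdict check_launch(const char *path)
{
    struct statvfs vfs;
    struct stat st;
    if (statvfs(path, &vfs) != 0 || stat(path, &st) != 0 || !S_ISREG(st.st_mode))
        return DENY_ERROR;
    return decide((vfs.f_flag & ST_NOEXEC) != 0,
                  (st.st_mode & (S_IXUSR | S_IXGRP | S_IXOTH)) != 0,
                  is_exempt(path));
}

int main(int argc, char **argv)
{
    for (int i = 1; i < argc; i++)   /* print the numeric verdict per path */
        printf("%s: %d\n", argv[i], (int)check_launch(argv[i]));
    return 0;
}
```

On a vfat mount with default options every file reports +x, so there only the `noexec` branch can deny a launch.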