Malware on Wine review
Johan Dahlin
johan at gnome.org
Wed Feb 25 07:56:53 CST 2009
Dan Kegel wrote:
> On Tue, Feb 24, 2009 at 6:07 PM, Scott Ritchie <scott at open-vote.org> wrote:
>> When I brought this up at the Ubuntu Developer Summit a while back, the
>> security conscious there wanted to check an executable for the execute
>> bit before launching it with Wine. Then, the user would be prompted if
>> they wanted to run it, and if yes the execute bit would be set and the
>> program launched.
>>
>> This check would be skipped if you clicked a link on the start menu
>> (since you obviously meant to launch a program then).
>
> Sounds good. A helper app could do this for us, I think.
>
>> That said, there's no point becoming "safe" until the desktop also
>> disables single click running of .desktop files that don't have the
>> execute bit set. It's trivial to write a piece of Linux malware that
>> does whatever you want by making it a .desktop file - you can even make
>> it so it displays as whatever name you like (and not foo.desktop).
>
> Right. Both changes are needed, the .desktop one more urgently.
That's already solved in nautilus;
http://svn.gnome.org/viewvc/nautilus?view=revision&revision=15003
Johan
More information about the wine-devel
mailing list