Malware on Wine review
Vincent Povirk
madewokherd+8cd9 at gmail.com
Wed Feb 25 11:22:29 CST 2009
On Wed, Feb 25, 2009 at 10:38 AM, King InuYasha <ngompa13 at gmail.com> wrote:
> AFAIK, the main difference between the Wine and Java methods is
> that Wine doesn't sandbox its loading environment, while Java does.
Java doesn't create a sandbox when you run a normal application.
Which makes it a wonderful example.
This discussion has been assuming that .exe files are somehow special
because they are programs (and thus can do anything your user can do),
but they shouldn't be executed directly (before anyone mentions
binfmt-support, that's broken and unfixable for this case). I don't
think exe is likely to be the only file type like that. What we really
should do is make sure the file manager knows about these types so it
can apply a consistent policy.
This information would also be useful to firefox and any other program
that handles possibly-untrusted files of arbitrary type.
Vincent Povirk
More information about the wine-devel
mailing list