Part of my confusion what usage pattern is contracting malware on wine in the first place<br><br><div><span class="gmail_quote">On 2/12/07, <b class="gmail_sendername"><a href="mailto:richardvoigt@gmail.com">richardvoigt@gmail.com
</a></b> <<a href="mailto:richardvoigt@gmail.com">richardvoigt@gmail.com</a>> wrote:</span><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
On 2/12/07, James Hawkins <<a href="mailto:truiken@gmail.com">truiken@gmail.com</a>> wrote:<br>> On 2/11/07, <a href="mailto:richardvoigt@gmail.com">richardvoigt@gmail.com</a> <<a href="mailto:richardvoigt@gmail.com">
richardvoigt@gmail.com</a>> wrote:<br>> > On 2/11/07, Misha Koshelev <<a href="mailto:mk144210@bcm.tmc.edu">mk144210@bcm.tmc.edu</a>> wrote:<br>> > > Hi everybody,<br>> > ><br>> > > Thanks for your suggestions. I just posted a new patch on wine-patches
<br>> > > where I tried to incorporate these and now it does the following (in<br>> > > addition to my previous patch which just started items in the StartUp<br>> > > folder):<br>> > ><br>
> > > - When wineboot finds a file that it wants to start in the StartUp<br>> > > folder, it asks the user whether he wants to run the program. His<br>> > > options are: Always, Yes, No (default), and Never.
<br>> > > - If he selects Yes the program is run, if he select No it is not.<br>> > > - If he selects Always or Never, I create a registry key in:<br>> > > HKEY_CURRENT_USER\Software\Wine\StartupItems with the full pathname
<br>> > > of the program and the value "always" or "never." When wineboot sees<br>> > > this program in the StartUp folder it checks this key, and if it is<br>> > > set it performs the appropriate action.
<br>> > ><br>> > > What do you guys think? If you like the system, it would be pretty easy<br>> > > to incorporate this into the run key running as well (which are<br>> > > currently just run without any user confirmation)?
<br>> ><br>> > This sounds almost perfect. I think the counterpoint raised by James<br>> > Hawkins would be adequately addressed by adding a winecfg option as<br>> > follows:<br>> ><br>> > Startup items behavior:
<br>> > (*) Silently allow <-- This is "bug-for-bug compatibility"<br>> > ( ) Ask <-- Most computer-savvy folks would want this<br>> > ( ) Silently block
<br>> > ( ) Block and notify me<br>> ><br>><br>> This is unnecessarily complicated, and i really doubt anything like<br>> this would ever make it into the Wine tree.<br>><br>> > Perhaps this should be independently set for each kind of startup item
<br>> > (startmenu\programs\startup, registry run key, profile settings, etc),<br>> > but I think that's not really necessary.<br>> ><br>> > Also, I would suggest that the list of approved start items be stored
<br>> > outside of winespace, so that malware can't bypass the protection by<br>> > setting the key. Of course, really nasty stuff could still call into<br>> > Linux, but that would require some hybrid system that was aware of the
<br>> > ELF dynamic loader in order to not fall afoul of address space<br>> > randomization.<br>> ><br>> > Ultimately I think wine is about more than just running<br>> > Windows-compatible programs without the Microsoft tax. It's about
<br>> > running those programs without ceding control of your computer to an<br>> > untrustworthy party. We don't want the limitations that Windows<br>> > imposes... true bug-for-bug compatibility would mean only being able
<br>> > to access files on a FAT or NTFS partition, but I don't hear anyone<br>> > advocating for that kind of crippling behavior.<br>> ><br>><br>> What? Wine has nothing to do with which file system your files reside
<br>> on.<br>You advocated that wine aim for working exactly like Windows, no less<br>and no more, rather than deviating in user-configurable ways to<br>enhance the user's control over his own system. Maybe while we're at
<br>it, wine should have the bug which allows certain software to prevent<br>screen grabs. No, I think defeating DRM to enable fair use is<br>perfectly reasonable, and there are some bugs which should be fixed.<br>Should wine try to patch remote exploits at the exact same rate as
<br><a href="http://windowsupdate.com">windowsupdate.com</a>? That would be also be required for true<br>bug-for-bug compatibility. After all, someone properly authorized<br>might be using that backdoor to reboot their webfarm remotely -- not!
<br><br>There are things that are wrong in a theoretical sense (i.e. the<br>Pentium floating-point bug), or misclassification of Unicode<br>characters, which some programs might reasonably depend on. And then<br>there are things that are wrong from a practical engineering
<br>perspective, like software taking away the user's choice to not run<br>it, which the mere fact that a program depends on it makes it malware.<br><br>> Asking if you want to run every file set for startup in wineboot
<br>> every single time is crippling behavior, not to mention annoying. UAC<br>> anyone? If you're so worried about this "malware", create a reduced<br>> privileges account just for Wine.<br><br>That's the point of a "remember my choice" or "Yes/No/Always/Never"
<br>option on the prompt which appears when the winecfg option is ask...<br><br>Reduced privileges do little or nothing to prevent network abuse (open<br>spam relay and the like).<br><br>><br>> > ><br>> > > Thanks
<br>> > > Misha<br>> > ><br>> > > p.s. please please please anyone who is familiar with IShellFolder if<br>> > > you could look over those parts and just say yes it looks good that<br>> > > would make me feel better. I think it is correct but really an expert's
<br>> > > opinion would be great.<br>> > ><br>> > ><br>> > ><br>> ><br>> ><br>> ><br>><br>><br>> --<br>> James Hawkins<br>><br><br><br></blockquote></div>
<br>