Wine securityflaw.
Alexandre Julliard
julliard at winehq.com
Sat Oct 26 20:54:18 CDT 2002
Peter Andersson <kanelballe at softhome.net> writes:
> The question is...Would you expect that damage from running a windows app
> in wine, when you know it could be safely run in Windows?
> In just a few embedded bytes in the code it could remove your home directory
> in a single syscall. Would you expect that? - I wouldnt.
You should. If you run untrusted code under your account it can do
anything that you are allowed to. This is exactly equivalent to
running an untrusted Linux app. From a security standpoint there is
absolutely no difference between a Windows binary running under Wine
and a Linux binary running natively.
You can use the DOS drive configuration to limit the potential
problems a bug in a Windows app can cause; but it is impossible to
protect against malicious code except by not running it. Wine is not,
and cannot be, a sandbox for running untrusted code.
> Cant we atleast try implement some protection in wine against these attacks,
> before something really nasty happens.
No, we can't.
--
Alexandre Julliard
julliard at winehq.com
More information about the wine-users
mailing list