Wine securityflaw.

Alexandre Julliard julliard at
Sat Oct 26 20:54:18 CDT 2002

Peter Andersson <kanelballe at> writes:

> The question is...Would you expect that damage from running a windows app
> in wine, when you know it could be safely run in Windows?
> In just a few embedded bytes in the code it could remove your home directory 
> in a single syscall. Would you expect that? - I wouldnt.

You should. If you run untrusted code under your account it can do
anything that you are allowed to. This is exactly equivalent to
running an untrusted Linux app. From a security standpoint there is
absolutely no difference between a Windows binary running under Wine
and a Linux binary running natively.

You can use the DOS drive configuration to limit the potential
problems a bug in a Windows app can cause; but it is impossible to
protect against malicious code except by not running it. Wine is not,
and cannot be, a sandbox for running untrusted code.

> Cant we atleast try implement some protection in wine against these attacks,
> before something really nasty happens.

No, we can't.

Alexandre Julliard
julliard at

More information about the wine-devel mailing list