Wine securityflaw: Protect against root
andi at rhlx01.fht-esslingen.de
Sun Oct 27 09:31:31 CST 2002
On Sun, Oct 27, 2002 at 07:51:01AM -0600, David D. Hagood wrote:
> I would ALSO suggest that wine check the execute bit on the application
> being run - the recent incident with Klez running under Wine would not
> have happened (I think) if wine would not run that which is not marked
> with the -X bit (unless, again, a command line parameter is supplied,
> and a warning dialog is confirmed).
Broken idea. This would stop any and all installers, as they first extract a
compressed archive and then invoke *further* install helper programs.
Windows is not Unix, period. That's why mapping to the X bit really doesn't
make sense IMHO.
Andreas Mohr Stauferstr. 6, D-71272 Renningen, Germany
Tel. +49 7159 800604 http://mohr.de.tt
More information about the wine-devel