Wine securityflaw.

Raul Dias chaos at
Thu Oct 31 15:44:16 CST 2002

Greg Turner <gmturner007 at> wrote:
>On Thursday 31 October 2002 08:10 am, Raul Dias wrote:
>> My $0.02,
>> A way to make it more secure is to catch key API calls and decide if
>> the application is allowed to run it or not.
>not a bad idea.
>> Wine could implement a clean Security Layer: YES
>Clean, perhaps, but secure?  That depends on what you are trying to 
>achieve: since the unix API is available to apps running under wine, 
>such measures will only secure applications which don't specifically 
>check for wine and circumvent its api-level security measures.
>So, for example, this could be used to protect a system against security 
>flaws in Internet Exploder or Outlook... but a malicious virus writer 
>could work around winapi-based security provisions, as discussed 
>earlier in this thread.

In this case I agree that the OS should provide the security layer, 
not wine.

Wine should provide security only for (or "at least for") WIN32 API

Raul Dias

>"The purpose of government is to rein in the rights of the people"
> --President Bill Clinton, MTV interview, 1993

More information about the wine-devel mailing list