wineboot: Start items in StartUp folder on boot, includes
mk144210 at bcm.tmc.edu
Mon Feb 12 09:35:14 CST 2007
On Sun, 2007-02-11 at 23:49 -0600, John Smith wrote:
> What prevents malicious programs from writing this registry key on
> their own?
> On 2/11/07, Chris Robinson <chris.kcat at gmail.com> wrote:
> On Sunday 11 February 2007 06:49:58 pm richardvoigt at gmail.com
> > This sounds almost perfect.
> What would stop the program from adding the registry key
> itself when placing
> the item in the startup folder, or wherever else?
> > I think the counterpoint raised by James
> > Hawkins would be adequately addressed by adding a winecfg
> option as
> > follows:
> Sounds like it's just asking if it should ask.
> I'm not really sure what you could do as a user that a program
> couldn't just
> override and do itself. Besides, users might not know whether
> what's being
> installed into an auto-start key/folder is necessary, deny it
> for "safety
> concerns", and have a broken installation.
I think the bigger security issue to be made is that until wine default
behavior is not to set up the user's home directory in a writeable way
as the Z: drive there is really no way to store any settings in any
user-writable file without having malware being able to change if it
wanted to and was written specifically for wine (please correct me if I
am wrong). So I believe that, given this state, securing Wine from
malware written for Windows (which most is) and not specifically for
Wine is the best we can do.
More information about the wine-devel