wineboot: Start items in StartUp folder on boot, includes
security measures.
Misha Koshelev
mk144210 at bcm.tmc.edu
Mon Feb 12 09:35:14 CST 2007
On Sun, 2007-02-11 at 23:49 -0600, John Smith wrote:
> What prevents malicious programs from writing this registry key on
> their own?
>
> On 2/11/07, Chris Robinson <chris.kcat at gmail.com> wrote:
> On Sunday 11 February 2007 06:49:58 pm richardvoigt at gmail.com
> wrote:
> > This sounds almost perfect.
>
> What would stop the program from adding the registry key
> itself when placing
> the item in the startup folder, or wherever else?
>
> > I think the counterpoint raised by James
> > Hawkins would be adequately addressed by adding a winecfg
> option as
> > follows:
>
> Sounds like it's just asking if it should ask.
>
> I'm not really sure what you could do as a user that a program
> couldn't just
> override and do itself. Besides, users might not know whether
> what's being
> installed into an auto-start key/folder is necessary, deny it
> for "safety
> concerns", and have a broken installation.
>
I think the bigger security issue to be made is that until wine default
behavior is not to set up the user's home directory in a writeable way
as the Z: drive there is really no way to store any settings in any
user-writable file without having malware being able to change if it
wanted to and was written specifically for wine (please correct me if I
am wrong). So I believe that, given this state, securing Wine from
malware written for Windows (which most is) and not specifically for
Wine is the best we can do.
Misha
>
More information about the wine-devel
mailing list