Signature checking in Wine

Kornél Pál kornelpal at
Sat Jul 26 03:22:51 CDT 2008


Paul Millar wrote:
> As an aside: this looks to me like a logical fallacy.  If I may rephrase your 
> argument:
>   1. Most signed software is from a large code-base (probably true)
>   2. Large code-bases are more likely to have vulnerabilities (probably true)
>   3. Therefore, signed software is more likely to have vulnerabilities (wrong: 
> not deducible)
> See:

A digital signature is intended to certify that the software was really 
published by it's claimed vendor.

It does not protect against bugs, vulnerabilities, intentional malware 
or anything else.

But protects you from hosting that modify intallers to drop malware for 
example. Or may save you from viruses pretending to be Microsoft software.


More information about the wine-devel mailing list