Wine Security Disclosure
Zachary Goldberg
zgs at seas.upenn.edu
Fri Mar 14 11:03:04 CDT 2008
On Fri, Mar 14, 2008 at 3:53 PM, TheBlunderbuss
<tehblunderbuss at gmail.com> wrote:
>
> The recent discussion about Windows viruses working through Wine leads
> me to questions about its security.
> I've heard that using a separate user is alright, and then it isn't
> alright.
Where did you hear that its not alright? Running wine as a normal
(non-root privs) user is the recommended way to use wine for most
software that you know is legit.
No matter what if your running a program, be it linux or windows (on
wine) it always has the potential to mess up things that the user
running it has access too. So if you run it as a normal user the
worst it can do is mess up that users files (unless its really really
sneaky and root exploits, but thats another case). All of your
important system files are owned by root (or they should be...) so as
long as your not running as root it can't break your actual system.
> That you shouldn't use sudo to login to such a special wine user.
> That you really should use a virtual machine for total security.
Sure; if your playing with something you know could be nasty the best
guarantee that it won't affect anything in your environment is a
virtual machine. But for apps that you know are alright, games etc.
then running as a normal user is perfectly fine.
>
> What's the consensus here? And shouldn't this info be published somewhere,
> in big bold letters?
>
>
http://wiki.winehq.org/FAQ
Part 2 Section 11
--
Zachary Goldberg
Computer Science & Engineering
Electrical Captain of Penn Electric Race Team
School of Engineering at the University of Pennsylvania
More information about the wine-devel
mailing list