wine virus story

Reece Dunn msclrhd at
Fri Mar 14 12:19:39 CDT 2008

On 13/03/2008, Dan Kegel <dank at> wrote:
> On 3/13/08, L. Rahyen <research at> wrote:
>  >         Separate user is enough if you don't have world writable files in your
>  >  system.
> No, because the malware could root your Linux system
>  using a local priv escalation exploit.  You really want a
>  totally isolated sandbox.

Do you know what the status of the ClamAv support is for malware
detection through the Windows API?

Also, should this really map the Windows API to use Linux API for
malware detection (, or the Mac API,
or other OS APIs if available? If none is provided, the Windows calls
could use ClamAv as a fallback if available.

Also, should an effort be made to get Windows AV products working on
Wine? This has the problem that they would likely require Windows
kernel APIs that Wine isn't providing. It would also require testing.

In addition to AV support, should Wine use the Windows API to use a
firewall if one is available on the OS that Wine is running?

- Reece

More information about the wine-devel mailing list