Malware on Wine review

[Zachary Goldberg]

2009/2/23 Ben Klein <shacklein at gmail.com>:
> 2009/2/24 Zachary Goldberg <zgold at bluesata.com>:
>> 2009/2/23 Dan Kegel <dank at kegel.com>:
>>> Ben Klein <shacklein at gmail.com> wrote:
>>>>> http://www.avertlabs.com/research/blog/index.php/2009/02/23/running-windows-malware-in-linux/
>>>>>
>>>>> "Do not set the file association for Windows executables with Wine.
>>>>> This would enable running Windows executables in Wine by simply double
>>>>> clicking them."
>>>>>
>>>>> I saw a patch floating by to turn this on by default recently.  Maybe
>>>>> we should make it off by default, but easy to turn on...?
>>>>
>>>> This would annoy all the people that the association targets. We can
>>>> either make it easy to run all Windows apps (malware and legit) via
>>>> file manager, or none at all.
>>>
>>> Yes, exactly.  The default should be off, and it should be easy to
>>> turn on.
>>> - Dan
>>
>> I disagree on this point.  Is malware via Wine on Linux really a
>> problem commonly affecting users?  What happened to replicated
>> Window's behavior bug for bug?  User X might ask: double clicking an
>> exe works in Windows why shouldn't it in Linux?  Why should user X
>> have to go through an extra step to do something on Linux than they
>> would on Windows?
>
> Thing is, this is not something that's explicitly within Wine. It's
> desktop integration at best, and file manager-specific at worst. I'd
> say it doesn't fall under the heading of "bug-for-bug compatibility".
>
> That's just me though. Comments from real Wine devs would be much more
> meaningful :)
>

I interpret bug-for-bug compatibility to be more than just emulating
the API bugs so apps run.  Its about emulating the experience for
users to be as close to expectations (set by Windows) as possible.
Preventing them from double-clicking EXEs in the file manager without
finding some arbitrary configuration option doesn't seem to be inline
with this.