Malware on Wine review
Chris Robinson
chris.kcat at gmail.com
Mon Feb 23 18:40:17 CST 2009
On Monday 23 February 2009 3:58:10 pm Zachary Goldberg wrote:
> I disagree on this point. Is malware via Wine on Linux really a
> problem commonly affecting users? What happened to replicated
> Windows' behavior bug for bug? User X might ask: double clicking an
> exe works in Windows why shouldn't it in Linux? Why should user X
> have to go through an extra step to do something on Linux than they
> would on Windows?
Linux isn't Windows. If anything, I think it would be a good idea to pay more
attention to those non-Windows features, such as making Wine refuse to load
EXEs and DLLs that aren't +x. A simple security measure, and it cleanly
follows the behavior of the host system. IMO, "Windows doesn't do it that way"
is not a valid excuse to not do it.
There was a blog post recently that made its way through Slashdot exposing a
deceptively simple attack vector for trojans on Linux. It revolved around the
DE's capability of executing a program/shell script specified in a .desktop
file, where neither the .desktop file nor the program being run needed +x. You
could simply click on a .desktop file from an email, disguised as a "safe"
image or text file, and the DE's associations would take care of the rest. The
file didn't have to be saved somewhere and manually marked +x... it opened and
ran a program directly from the email.
Is that a good thing to be bringing to Linux/Unix? The capability for users to
click on an exe in an email and have it run with no questions, beyond an "Are
You Sure?" dialog that they're conditioned to click through? IMO, this is
something Wine should try to avoid, even though it's perfectly acceptable in
Windows.
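
The +x check proposed in the message above could look like the following. This is an added example, not part of the original email and not Wine code; `open_image_if_executable` and `demo_check` are hypothetical names, and the temp file is a constructed stand-in for a saved attachment.

```c
#define _POSIX_C_SOURCE 200809L
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Hypothetical helper, not a Wine function: open the image, then check the
 * execute bits on the opened descriptor so the file that was checked is the
 * file that would be mapped. Returns an fd, or -1 if loading is refused. */
int open_image_if_executable(const char *path)
{
    struct stat st;
    mode_t need;
    int fd = open(path, O_RDONLY);
    if (fd < 0) return -1;
    if (fstat(fd, &st) != 0 || !S_ISREG(st.st_mode)) { close(fd); return -1; }

    /* Pick the permission class that applies to the caller. Simplified:
     * supplementary groups and ACLs are ignored here. */
    if (geteuid() == 0)              need = S_IXUSR | S_IXGRP | S_IXOTH;
    else if (st.st_uid == geteuid()) need = S_IXUSR;
    else if (st.st_gid == getegid()) need = S_IXGRP;
    else                             need = S_IXOTH;

    if (!(st.st_mode & need)) { close(fd); return -1; }
    return fd;
}

/* Constructed sample: a temp file standing in for a saved attachment with
 * the given mode. Returns 1 if loading is allowed, 0 if refused, -1 on error. */
int demo_check(mode_t mode)
{
    char path[] = "/tmp/pe-demo-XXXXXX";
    int img, ok, fd = mkstemp(path);
    if (fd < 0) return -1;
    ok = (write(fd, "MZ", 2) == 2 && fchmod(fd, mode) == 0) ? 0 : -1;
    close(fd);
    if (ok == 0 && (img = open_image_if_executable(path)) >= 0) { ok = 1; close(img); }
    unlink(path);
    return ok;
}

int main(void)
{
    printf("0644 (as saved from mail): %d\n", demo_check(0644));
    printf("0755 (explicitly marked):  %d\n", demo_check(0755));
    return 0;
}
```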