Malware on Wine review

Marcel Partap mpartap at
Mon Feb 23 19:14:20 CST 2009

> What about having to mark the exe as +x before Wine will load it? That's
> easilly doable frame any sane filemanager and provides a good level of
> safety..  and Wine already does a good job of making sure installed programs
> get +x.
Wow it actually does, never noticed that up to now :O
The problem would be with one of the more common use case: trying to 
start/install a program from an optical disc. The files will not be 
marked +x and the directories not be writable.
This problem scenario is also rather specific to WiNE; not an issue 
for KDE f.e. whcih yesterday had a related change committed: .desktop 
files have to be marked as executable to be run on click now. Lively 
discussion about that is still ongoing on kde-core-devel.

Despite from the install-from-cdrom issue, few users that have (been) 
switched from windows to linux will know how to chmod +x a file, so 
wine would at least have to give them a hint (or even a button) to do 
it. But once it becomes easy, they will just get used to clicking it 
and not be consciously pondering if the action is safe or not. So 
while i think it'd make sense, i doubt it is a practical solution to 
require files to have the executable bit.

Maybe a better solution would be to introduce an optional dependency 
on ClamAV and tight integration with it - known malware could be 
filtered and distributors would have greater interest in contributing 
to continuous  ClamAV signature updates..

regards marcel.

  "Obstacles are those frightful things you see when you take
   your eyes off your goal."         -- Henry Ford (1863-1947)

   Change the world! Vote:

More information about the wine-devel mailing list