Malware on Wine review
mpartap at gmx.net
Mon Feb 23 19:14:20 CST 2009
> What about having to mark the exe as +x before Wine will load it? That's
> easilly doable frame any sane filemanager and provides a good level of
> safety.. and Wine already does a good job of making sure installed programs
> get +x.
Wow it actually does, never noticed that up to now :O
The problem would be with one of the more common use case: trying to
start/install a program from an optical disc. The files will not be
marked +x and the directories not be writable.
This problem scenario is also rather specific to WiNE; not an issue
for KDE f.e. whcih yesterday had a related change committed: .desktop
files have to be marked as executable to be run on click now. Lively
discussion about that is still ongoing on kde-core-devel.
Despite from the install-from-cdrom issue, few users that have (been)
switched from windows to linux will know how to chmod +x a file, so
wine would at least have to give them a hint (or even a button) to do
it. But once it becomes easy, they will just get used to clicking it
and not be consciously pondering if the action is safe or not. So
while i think it'd make sense, i doubt it is a practical solution to
require files to have the executable bit.
Maybe a better solution would be to introduce an optional dependency
on ClamAV and tight integration with it - known malware could be
filtered and distributors would have greater interest in contributing
to continuous ClamAV signature updates..
"Obstacles are those frightful things you see when you take
your eyes off your goal." -- Henry Ford (1863-1947)
Change the world! Vote: http://hfopi.org/vote-future
More information about the wine-devel