Malware on Wine review
Marcel Partap
mpartap at gmx.net
Tue Feb 24 19:33:58 CST 2009
On 25/02/09 01:54, Ben Klein wrote:
> 2009/2/25 Chris Robinson<chris.kcat at gmail.com>:
>> On Tuesday 24 February 2009 3:46:53 pm Paul Chitescu wrote:
>>> My FAT partitions disable +x through file mode mount option since I don't
>>> want the kernel to attempt to identify and execute every unknown file I
>>> happen to open/click/hit enter. On those partitions there are no POSIX
>>> executables but plenty of Win32 ones - many of them shared between Windows
>>> and Wine.
>>
>> If you want to execute something (Wine or otherwise), why set -x? If you set
>> a file to be -r, would you expect to read it in Wine, still? Or if it's -w,
>> would you expect Wine apps to be able to write to it? Of course you wouldn't,
>> so why should x be different?
>>
>> If you require an exe to be +x, it becomes quite a bit more difficult to
>> unintentionally run it. Unsolicited files do not get +x, thus it's impossible
>> to execute them, accidentally or carelessly (sans the .desktop file issue that
>> has come up, again, recently). If you ignore the +x, then all it takes is a
>> mis-click on an email or some other simple mistake.
>
> "Unsolicited" files will get +x with default mount options on vfat/fat
> partitions, because ALL files on such partitions get +x this way.
>
> I would at least like to see Wine respect noexec, if possible. I
> understand concerns about Wine respecting +x, due mainly to CD-based
> installers that may or may not have +x set on the files, but I think
> it would also be the *correct* thing to do. Possibly have some
> registry entry disable the +x check? This would be particularly useful
> on a per-application basis, allowing the construction of a whitelist.
After all the discussion it still seems to me as if wine should
neither relay on filesystems being mounted exec nor +x executables for
now but instead really try and loosely integrate with the only FOSS
anti-virus solution there is, clamav. Better than annoying one half of
the users with non-runnable programs and giving the other half a false
sense of security.
regards.
--
"Obstacles are those frightful things you see when you take
your eyes off your goal." -- Henry Ford (1863-1947)
Change the world! Vote: http://hfopi.org/vote-future
More information about the wine-devel
mailing list