Malware on Wine review

Marcel Partap mpartap at gmx.net
Tue Feb 24 19:33:58 CST 2009 

On 25/02/09 01:54, Ben Klein wrote:
> 2009/2/25 Chris Robinson<chris.kcat at gmail.com>:
>>  On Tuesday 24 February 2009 3:46:53 pm Paul Chitescu wrote:
>>>  My FAT partitions disable +x through file mode mount option since I don't
>>>  want the kernel to attempt to identify and execute every unknown file I
>>>  happen to open/click/hit enter. On those partitions there are no POSIX
>>>  executables but plenty of Win32 ones - many of them shared between Windows
>>>  and Wine.
>>
>>  If you want to execute something (Wine or otherwise), why set -x?  If you set
>>  a file to be -r, would you expect to read it in Wine, still? Or if it's -w,
>>  would you expect Wine apps to be able to write to it? Of course you wouldn't,
>>  so why should x be different?
>>
>>  If you require an exe to be +x, it becomes quite a bit more difficult to
>>  unintentionally run it. Unsolicited files do not get +x, thus it's impossible
>>  to execute them, accidentally or carelessly (sans the .desktop file issue that
>>  has come up, again, recently). If you ignore the +x, then all it takes is a
>>  mis-click on an email or some other simple mistake.
>
> "Unsolicited" files will get +x with default mount options on vfat/fat
> partitions, because ALL files on such partitions get +x this way.
>
> I would at least like to see Wine respect noexec, if possible. I
> understand concerns about Wine respecting +x, due mainly to CD-based
> installers that may or may not have +x set on the files, but I think
> it would also be the *correct* thing to do. Possibly have some
> registry entry disable the +x check? This would be particularly useful
> on a per-application basis, allowing the construction of a whitelist.

After all the discussion it still seems to me as if wine should 
neither relay on filesystems being mounted exec nor +x executables for 
now but instead really try and loosely integrate with the only FOSS 
anti-virus solution there is, clamav. Better than annoying one half of 
the users with non-runnable programs and giving the other half a false 
sense of security.
regards.


-- 
  "Obstacles are those frightful things you see when you take
   your eyes off your goal."         -- Henry Ford (1863-1947)

   Change the world! Vote: http://hfopi.org/vote-future

More information about the wine-devel mailing list