Malware on Wine review

Marcel Partap mpartap at gmx.net
Tue Feb 24 20:01:53 CST 2009 

On 25/02/09 02:35, Chris Robinson wrote:
 > On Tuesday 24 February 2009 4:54:26 pm Ben Klein wrote:
 >>  "Unsolicited" files will get +x with default mount options on 
vfat/fat
 >>  partitions, because ALL files on such partitions get +x this way.
 >
 > You have to mount a partition to get access to its files. A 
partition normally
 > doesn't mount itself, unless you had previously set it up to do so. 
As such,
 > you're actively trying to get the files.. they aren't just given to you
 > without warning.
Actually, nowadays there are most sophisticated technical solutions 
which mount on a single click. No warning, no options.
 >
 >>  I would at least like to see Wine respect noexec, if possible. I
 >>  understand concerns about Wine respecting +x, due mainly to CD-based
 >>  installers that may or may not have +x set on the files, but I think
 >>  it would also be the *correct* thing to do.
 >
 > The (no)exec mount options are for specifying whether the 
executable bit is
 > masked out or not. Filesystems like NTFS/FAT/ISO9660 do not have an 
executable
 > bit (a shortcoming on their part), so it's always assumed to be on; the
 > (no)exec options, in turn, control whether or not the the bit gets 
filtered
 > out (ie. it determines whether the files get +x or not). To honor 
'noexec'
 > means Wine should honor +x.
 >
 > If a user is trying to execute a program on a CD that's not +x, 
they mounted
 > it wrong
Yeah...by clicking on that shiny 'optical disc drive' icon.

 > (or the CD was made wrong).
uuhhm f.e. ISO9660 right?
 > I mean, assume it was a Linux program
 > they were trying to run on a CD instead of a Windows one. If the 
file doesn't
 > have +x, it won't run.
 > There's no reason a Windows program executed with Wine
 > should act differently than a Linux program executed directly.
..other than the fact that windows doesn't have the concept of an 
executable flag beyond the EXE extension. And wine as the linux 
executable that is actually being run *does* have the +x bit set... 
while i agree logically EXE files _should_ be flagged x aswell in 
practice requiring the flag ties wine's functionability to close to 
the randomness that is the user's choice of distrobution and its 
default mount options. Starting to require +x from the next release on 
is sure to break a lot of those systems.



-- 
  "Obstacles are those frightful things you see when you take
   your eyes off your goal."         -- Henry Ford (1863-1947)

   Change the world! Vote: http://hfopi.org/vote-future

More information about the wine-devel mailing list