Malware on Wine review
Chris Robinson
chris.kcat at gmail.com
Tue Feb 24 20:05:21 CST 2009
On Tuesday 24 February 2009 5:51:59 pm Ben Klein wrote:
> Not correct. I've tested with vfat and ext2 filesystems, with noexec,
> and the files are still marked +x. As it turns out, noexec doesn't
> filter +x, just prevents shell/ld.so/kernel from loading the program.
> Wine is an indirect method of loading a program in comparison.
>
> An interesting point, assuming that /mnt/test is mounted noexec:
> $ /mnt/test/test.sh
> bash: /mnt/test/test.sh: /bin/sh: bad interpreter: Permission denied
>
> $ sh /mnt/test/test.sh
> Script runs
That is interesting..
> So maybe this is a matter of semantics: is Wine an executable handler
> (note binfmt-misc) or an executable interpreter? Should the Windows
> application, when passed as an argument to Wine, behave as if it's
> been called directly, or should it behave as if the executable has
> been passed to an interpreter (i.e., interpreter reads and processes
> the file as opposed to executing it directly)?
I would say it's as if it's called directly. After all, Wine Is Not an
Emulator (and by extension, an interpreter). :) The program is run by the
system, not Wine.. Wine basically just loads it into memory so the system can
run it.
More information about the wine-devel
mailing list