Malware on Wine review
dank at kegel.com
Tue Feb 24 20:26:17 CST 2009
On Tue, Feb 24, 2009 at 6:07 PM, Scott Ritchie <scott at open-vote.org> wrote:
> When I brought this up at the Ubuntu Developer Summit a while back, the
> security conscious there wanted to check an executable for the execute
> bit before launching it with Wine. Then, the user would be prompted if
> they wanted to run it, and if yes the execute bit would be set and the
> program launched.
> This check would be skipped if you clicked a link on the start menu
> (since you obviously meant to launch a program then).
Sounds good. A helper app could do this for us, I think.
> That said, there's no point becoming "safe" until the desktop also
> disables single click running of .desktop files that don't have the
> execute bit set. It's trivial to write a piece of Linux malware that
> does whatever you want by making it a .desktop file - you can even make
> it so it displays as whatever name you like (and not foo.desktop).
Right. Both changes are needed, the .desktop one more urgently.
More information about the wine-devel