Malware on Wine review

Dan Kegel dank at
Tue Feb 24 20:26:17 CST 2009

On Tue, Feb 24, 2009 at 6:07 PM, Scott Ritchie <scott at> wrote:
> When I brought this up at the Ubuntu Developer Summit a while back, the
> security conscious there wanted to check an executable for the execute
> bit before launching it with Wine.  Then, the user would be prompted if
> they wanted to run it, and if yes the execute bit would be set and the
> program launched.
> This check would be skipped if you clicked a link on the start menu
> (since you obviously meant to launch a program then).

Sounds good.  A helper app could do this for us, I think.

> That said, there's no point becoming "safe" until the desktop also
> disables single click running of .desktop files that don't have the
> execute bit set.  It's trivial to write a piece of Linux malware that
> does whatever you want by making it a .desktop file - you can even make
> it so it displays as whatever name you like (and not foo.desktop).

Right.  Both changes are needed, the .desktop one more urgently.
- Dan

More information about the wine-devel mailing list