Malware on Wine review

Chris Robinson chris.kcat at
Tue Feb 24 20:35:32 CST 2009

On Tuesday 24 February 2009 6:07:08 pm Scott Ritchie wrote:
> When I brought this up at the Ubuntu Developer Summit a while back, the
> security conscious there wanted to check an executable for the execute
> bit before launching it with Wine.  Then, the user would be prompted if
> they wanted to run it, and if yes the execute bit would be set and the
> program launched.

Seems a bit too easy to me for this to be ineffective. It's been repeated 
often around here how people, especially Windows users, are conditioned to 
click "Yes" and not actually see or comprehend what they're clicking yes too 
("I thought it was going to open it in notepad, not run it!"). IMHO, it would 
be better if they had to take the initiative to mark it +x, then run it again. 
That would prevent these kinds of surprises.

> This check would be skipped if you clicked a link on the start menu
> (since you obviously meant to launch a program then).

Not necessarily. Along with the .desktop trojan, the blog I read also showed 
how to override system menu entries (by placing a replacement in the local 
folder which will override the system one). So the link you clicked on may not 
be what you intended..

More information about the wine-devel mailing list