Malware on Wine review
Scott Ritchie
scott at open-vote.org
Tue Feb 24 22:57:23 CST 2009
Chris Robinson wrote:
> On Tuesday 24 February 2009 6:07:08 pm Scott Ritchie wrote:
>> When I brought this up at the Ubuntu Developer Summit a while back, the
>> security conscious there wanted to check an executable for the execute
>> bit before launching it with Wine. Then, the user would be prompted if
>> they wanted to run it, and if yes the execute bit would be set and the
>> program launched.
>
> Seems a bit too easy to me for this to be ineffective. It's been repeated
> often around here how people, especially Windows users, are conditioned to
> click "Yes" and not actually see or comprehend what they're clicking yes too
> ("I thought it was going to open it in notepad, not run it!"). IMHO, it would
> be better if they had to take the initiative to mark it +x, then run it again.
> That would prevent these kinds of surprises.
>
It would also make it completely unusable. Remember, all downloaded
executables (even intentionally downloaded ones) will be -x by default.
Do you really expect users to go right
click->properties->permissions->allow execution? Or will they just
conclude that it doesn't work.
Worse, you could actively irritate them - suppose they do double click
and you DONT offer the ability to open it, but instead instruct them to
go through that annoying procedure.
>> This check would be skipped if you clicked a link on the start menu
>> (since you obviously meant to launch a program then).
>
> Not necessarily. Along with the .desktop trojan, the blog I read also showed
> how to override system menu entries (by placing a replacement in the local
> folder which will override the system one). So the link you clicked on may not
> be what you intended..
>
>
But in order to do that a malicious script has to already be running!
Such a system is already owned.
Thanks,
Scott Ritchie
More information about the wine-devel
mailing list