Malware on Wine review

Johan Dahlin johan at
Wed Feb 25 07:56:53 CST 2009

Dan Kegel wrote:
> On Tue, Feb 24, 2009 at 6:07 PM, Scott Ritchie <scott at> wrote:
>> When I brought this up at the Ubuntu Developer Summit a while back, the
>> security conscious there wanted to check an executable for the execute
>> bit before launching it with Wine.  Then, the user would be prompted if
>> they wanted to run it, and if yes the execute bit would be set and the
>> program launched.
>> This check would be skipped if you clicked a link on the start menu
>> (since you obviously meant to launch a program then).
> Sounds good.  A helper app could do this for us, I think.
>> That said, there's no point becoming "safe" until the desktop also
>> disables single click running of .desktop files that don't have the
>> execute bit set.  It's trivial to write a piece of Linux malware that
>> does whatever you want by making it a .desktop file - you can even make
>> it so it displays as whatever name you like (and not foo.desktop).
> Right.  Both changes are needed, the .desktop one more urgently.

That's already solved in nautilus;


More information about the wine-devel mailing list