Another virus-in-wine story
Dan Kegel
dank at kegel.com
Sun Oct 25 17:42:33 CDT 2009
On Sun, Oct 25, 2009 at 2:18 PM, Nicholas LaRoche <nlaroche at vt.edu> wrote:
> A specially crafted win32 wine-aware malware app could leverage sys_open(1)
> and sys_write(4) via int 80h to bypass this isolation and install itself
> anywhere in the users home directory.
Yes. That's why I don't think win32-only sandboxing is
sufficient. A native sandbox is needed to provide any
real security.
sandboxing.org talks about various implementations
of native sandboxes for linux. Chrome's, for example,
are described here:
http://sandboxing.org/?page_id=13
Many of them are based on chroot, but there are
also ones based on seccomp and selinux.
It would be interesting to, for instance, offer a truly
secure sandboxed wine to run ie7 in...
- Dan
More information about the wine-devel
mailing list