Adding binfmt configuration to official Wine packages
Jens Reyer
jre.winesim at gmail.com
Mon Aug 22 11:36:46 CDT 2016
On 22.08.2016 18:18, Bruno Jesus wrote:
> On Mon, Aug 22, 2016 at 1:08 PM, Jens Reyer <jre.winesim at gmail.com> wrote:
>> On 22.08.2016 17:52, Bruno Jesus wrote:
>>> On Mon, Aug 22, 2016 at 11:57 AM, Rosanne DiMesio <dimesio at earthlink.net> wrote:
>>>> On Mon, 22 Aug 2016 15:28:39 +0200
>>>> Jens Reyer <jre.winesim at gmail.com> wrote:
>>>>
>>>>>>
>>>>>> What are the security implications? Won't this make it easier for malware to execute without being Wine-aware, or am I just being paranoid?
>>>>>
>>>>> We don't enable binfmt in Debian for exactly this reason (see
>>>>> https://bugs.debian.org/819255). So I'd also be interested in other
>>>>> opinions.
>>>
>>> Hi, I don't understand the security implications yet. If I download a
>>> malware and run it like ./malware.exe or wine malware.exe what is the
>>> difference?
>>
>> Whether you can accidentally do it manually?
>> And if something else is able to start the exe?
>
> Sorry, I really still don't understand what is the problem. You mean I
> can accidentally type and run ./malware.exe for example using tab key
> completion? That is the problem?
First off, I can't say for sure, still making up my mind on this.
But yes, either that, or Rosanne's USB thumb drive example, or email
attachments.
When I last discussed this with someone it was suggested to add some
code to Wine which checks if an exe was run before. If it runs the first
time you might prompt the user to confirm (so something like the
infamous Windows warning about unkown applications, which usually just
gets clicked away).
Greets
jre
More information about the wine-devel
mailing list