How is Win/Dos syscalls implemented in Wine?

Ove Kaaven ovehk at
Sat Oct 26 09:38:08 CDT 2002

On Sat, 26 Oct 2002, Peter Andersson wrote:

> Thanks for putting my thinking on the right track again...
> Conclusion:
> The ntdll is for wine apps what libc is for Linux/Unix.
> Syscalls is made from ntdll and the native version is never
> run. 

That sounds about right.

> You are right about the syscalls in Linux, too bad
> theres no protection for it though. It should be, otherwise
> there could appear wine_linux viruses.  
> Cant you fix this with ptrace?

It's not generally considered a big risk (it could even be considered a
feature in some situations), and excessive ptrace usage makes attaching
with a debugger like gdb much harder, and it's not that easy to do (it
should obviously be permitted from Wine code, but not Win32 code, but how
do your ptrace handler figure out what's Wine code and what's not?). But
feel free to code it yourself if you're concerned...

More information about the wine-users mailing list