[Wine] [Wine 1.3] Access to "/" for Windows Applications
pleegwat at telfort.nl
Wed Aug 18 17:09:23 CDT 2010
On 08/18/2010 08:34 PM, Lastcoder wrote:
> DaVince wrote:
>> Since you removed Z:, You shouldn't be able to select one of these files and then open or save it under that name. If you can, then we have a problem.
> yeah .. it's possible to RENAME or DELETE the files ! Just tested it with some Windows tools - the windows' open file dialog that is used by most applications natively supports a context menu for file operation like rename or delete .. and that works ! it is not as dangerous as reading the files but seen from this angle not much behind ...
> IMHO it is okay if people want windows applications running with wine to see and handle their files but for reasons of security default wine configuration should deny every kind of file or directory access out of whatever is linked to windows drives like "C:" ...
> So long
That dialog is implemented by windows, and wine. So it is wine providing
Deleting the 'Z:' symlink goes some way to preventing a windows app
accessing the rest of the drive, but it's not a certainty. Especially
malicious code can do everything a linux program with the same
permissions could do. Wine is not a sandbox.
More information about the wine-users