[Wine] [Wine 1.3] Access to "/" for Windows Applications

[PleegWat]

On 08/18/2010 08:34 PM, Lastcoder wrote:
> DaVince wrote:
>> ..
>> Since you removed Z:, You shouldn't be able to select one of these files and then open or save it under that name. If you can, then we have a problem.
>
>
> yeah .. it's possible to RENAME or DELETE the files ! Just tested it with some Windows tools - the windows' open file dialog that is used by most applications natively supports a context menu for file operation like rename or delete .. and that works ! it is not as dangerous as reading the files but seen from this angle not much behind ...
>
> IMHO it is okay if people want windows applications running with wine to see and handle their files but for reasons of security default wine configuration should deny every kind of file or directory access out of whatever is linked to windows drives like "C:" ...
>
> So long
>
> LastCoder
>

That dialog is implemented by windows, and wine. So it is wine providing 
the functionality.

Deleting the 'Z:' symlink goes some way to preventing a windows app 
accessing the rest of the drive, but it's not a certainty. Especially 
malicious code can do everything a linux program with the same 
permissions could do. Wine is not a sandbox.

PleegWat