Anne Wilson wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On Saturday 25 Dec 2004 23:59, JoeHill wrote:
> On Sat, 25 Dec 2004 22:51:04 +0000
>
> Anne Wilson disseminated the following:
>
>>> Wine is fully capable of executing Win32 viruses, Trojans, and
>>> worms. Don't run Wine as root after it is installed. Then, you
>>> won't hurt the overall Linux system, although you will still be
>>> able to really mess up your user stuff if a virus gets
>>> executed.
>>
>> Is it vulnerable only when actually running a windows program, or
>> vulnerable by the very fact of being there?
>
> IIANM, Windows malware (is there any other kind...?), even run
> under Wine, would have very little if no effect on a Linux system.
> Firstly, it's going to be looking for files/folders/directories
> that do not exist (c:\Windows, \System32, Documents and Settings,
> etc.). Second, it will attempt to run other common
> commands/executables or exploit services which would exist on a Win
> system but not on Linux, like, say...well, all of them ;-)
To do anything at all in a windows program you have to allow things
to run, so it seems likely that there is some vulnerability to
anything that is within that windows environment. I agree that it
may not be as easy as on a pure windows system, but I do feel that
there is still a measure of risk, and I'm just trying to quantify it.
The linux system, of course, would not be attacked.
Anne
If you are going to run programs like Word, and have things like macros
working, then Visual Basic has to work. Now, how many of the virus are
written as VB scripts, and then inbedded in Word documents, or as e-mail
attachments... One of the big problems with Outlook has been that it
runs these by default. (I hear they fixed this, but I don't run
Outlook...) Now, they can not do as much damage as they could on a pure
Windows system, but they can still do damage. How much depends on how
closly the Wine envirment looks like Windows to running programs, and
what you have installed. But Wine has to look like Windows to programs
running under it, or the programs will not run. So you have the normal
Windows directories, most of the normal .dll files, etc. While the
"real" directory tree is not the same, what programs see is. And
programs still have to be able to write to this directory structure, or
you can not install programs, or do work. So, the better job Wine does
of emulating Windows, the more vunerable it is to a Windows virus. So
you want to set things up to limit the damage that can be done.
Mikkel
--
Do not meddle in the affairs of dragons,
for you are crunchy and taste good with Ketchup!
____________________________________________________
Want to buy your Pack or Services from MandrakeSoft?
Go to http://www.mandrakestore.com
Join the Club : http://www.mandrakeclub.com
____________________________________________________
