On Thu, 6 Apr 2017, lukefro...@hushmail.com wrote:
For anything to pull in wine by default is a theoretical security risk,
due to the great many cross-platform exploits that then install
Windows-only payloads. While most of these would fail on a Linux/wine
setup due to not being invoked within wine, a malware author could
probably fix that.
A user installing wine to run a Windows binary is doing so knowingly
and is aware that Windows binaries can be run. A user expecting a
Linux machine to be unable to run Windows binaries and relying on
that for security could get a surprise if they are unaware wine is installed.
That too. Anyway, we have changed seeds to not install it (I hope). We
will monitor the next few ISO builds to make sure.
I have also removed the possibility of another phone home (check if I can
hit some site on the inet every 5 min) as well (supposedly only to check
if we are connected). Not only is it a security risk but also could be
hard on low latency uses. (I turn cron off when I want solid low
latency... it does make a difference)
--
Len Ovens
www.ovenwerks.net
--
ubuntu-studio-devel mailing list
ubuntu-studio-devel@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/ubuntu-studio-devel
