2009/1/15 Scott Ritchie <sc...@open-vote.org>: > There has been demand to implement a ClamAV powered on-access file scan > within Wine. That should fill that niche nicely, and also more > elegantly since we don't have to run a Wine process to check the Wine > system. This has the added benefit of making it harder to compromise > the virus checker itself, especially since that can then reside outside > the user's home folder. In a very real way, we could handle Windows > security better than Windows.
Yes. Attempting to run the virus checker on the system you're protecting is basically *insane*. An outboard checker on a different OS is a ridiculously better idea. The main problem with restricting access outside an app's WINEPREFIX is not that it's a bad idea (it's a great idea), but that it could lead to undue overconfidence on the part of users and an expectation that this will actually meaningfully increase security. - d.
