Re: Fwd: this is scary

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Tue, 6 Aug 2002, phrostie wrote:

> i got this link from another list.
> does this affect applications running in wine?
>
> http://security.tombom.co.uk/shatter.html

No, applications running in Wine cannot be exploited in this way. The
security problem described in this paper involves sending messages from
a malicious Windows application run by user A to an application run by
user B.

With the current Wine architecture this is simply impossible. Each user
runs his own Wine server and Windows applications can only send messages
via that Wine server. To circumvent this one would have to write a Wine
aware Windows application, and that application would then have to find
a way to circumvent the Unix security mechanism. One final obstacle: it
is currently quite unusual (might well change) for multiple users to run
Wine concurrently, and even more unlikely that root or another
priviledged user would do so (unlike on NT were you have priviledged
services running at all times).


--
Francois Gouget         fgouget@free.fr        http://fgouget.free.fr/
                            $live{free} || die "";

_______________________________________________
wine-users mailing list
wine-users@winehq.com
http://www.winehq.com/mailman/listinfo/wine-users

[Index of Archives]     [Gimp for Windows]     [Red Hat]     [Samba]     [Yosemite Camping]     [Graphics Cards]     [Wine Home]

  Powered by Linux