Peter Andersson <kanelballe@softhome.net> writes: > The question is...Would you expect that damage from running a windows app > in wine, when you know it could be safely run in Windows? > In just a few embedded bytes in the code it could remove your home directory > in a single syscall. Would you expect that? - I wouldnt. You should. If you run untrusted code under your account it can do anything that you are allowed to. This is exactly equivalent to running an untrusted Linux app. From a security standpoint there is absolutely no difference between a Windows binary running under Wine and a Linux binary running natively. You can use the DOS drive configuration to limit the potential problems a bug in a Windows app can cause; but it is impossible to protect against malicious code except by not running it. Wine is not, and cannot be, a sandbox for running untrusted code. > Cant we atleast try implement some protection in wine against these attacks, > before something really nasty happens. No, we can't. -- Alexandre Julliard julliard@winehq.com _______________________________________________ wine-users mailing list wine-users@winehq.com http://www.winehq.com/mailman/listinfo/wine-users
