3 Replies - 2998 Views - Last Post: 14 July 2012 - 09:19 PM

#1 AVReidy  Icon User is offline

  • D.I.C Regular
  • member icon

Reputation: 65
  • View blog
  • Posts: 431
  • Joined: 17-February 11

Is WINE a security threat for Linux?

Posted 14 July 2012 - 06:42 PM

I understand that Linux is safe from most malware because viruses and trojans are primarily built for Windows due to its overwhelming popularity, and because Linux has the root system in place, so it's tough for a trojan to get the privileges required to wreak havoc.

Honestly, I don't know that much about WINE, but I think it's very useful and I probably wouldn't want to single boot Linux without it (mostly because I need my games). But if my assumption is correct - that WINE gives the programs it helps run enough privileges to do some damage - isn't it a security issue?

What if a Windows virus is pushed on to your Ubuntu PC? Will it just sit there because it doesn't know about or check for WINE? And what if, hypothetically, this virus knows how to get WINE to run its Windows component? Can WINE give this Windows virus permission to delete anything deeper than the home directory? I assume this isn't seen as a threat because most Windows viruses are some form of Windows executable, and so cannot run themselves once downloaded on a Linux PC (much less know to call themselves with WINE, but if this is the case, I still want to know what would happen if someone explicitly ran a Windows trojan with WINE.

What do you think?

Is This A Good Question/Topic? 0
  • +

Replies To: Is WINE a security threat for Linux?

#2 no2pencil  Icon User is online

  • Toubabo Koomi
  • member icon

Reputation: 5248
  • View blog
  • Posts: 27,071
  • Joined: 10-May 07

Re: Is WINE a security threat for Linux?

Posted 14 July 2012 - 06:48 PM

View PostAVReidy, on 14 July 2012 - 09:42 PM, said:

But if my assumption is correct - that WINE gives the programs it helps run enough privileges to do some damage - isn't it a security issue?

Windows viruses attack it's weak spot. The centralization of the registry. The virus will make sure it runs upon startup, & it will infect whatever it's payload is. The WINE installation may or may not be open to the attack, but the Linux system never will. Despite it's running with a heightened level of privileges, how does a Windows executable file (launched by WINE) execute on a Non NTFS file system? It doesn't, it can't, & it won't.

View PostAVReidy, on 14 July 2012 - 09:42 PM, said:

What if a Windows virus is pushed on to your Ubuntu PC?

It would deliver it's payload & Wine would execute the infection.

If a Windows executable file can access a file system it can't read, write or execute (non-NTFS), & it's able to function beyond the Operating System it's running on, then yes. To my knowledge, the Windows kernel can not to date read, write, or execute any file system other than NTFS or Fat/Fat32.
Was This Post Helpful? 2
  • +
  • -

#3 AVReidy  Icon User is offline

  • D.I.C Regular
  • member icon

Reputation: 65
  • View blog
  • Posts: 431
  • Joined: 17-February 11

Re: Is WINE a security threat for Linux?

Posted 14 July 2012 - 07:55 PM

Appreciate your answer, thanks
Was This Post Helpful? 0
  • +
  • -

#4 Lemur  Icon User is offline

  • Pragmatism over Dogma
  • member icon


Reputation: 1359
  • View blog
  • Posts: 3,425
  • Joined: 28-November 09

Re: Is WINE a security threat for Linux?

Posted 14 July 2012 - 09:19 PM

Not even taking into consideration that if you have security settings tuned correctly, it would require a CHMOD +x for the thing to even run in the first place. It can't do a thing unless you explicitly say it can.
Was This Post Helpful? 2
  • +
  • -

Page 1 of 1