Sylvain Petreolle
2008-Apr-18 15:25 UTC
[Wine] Re : How to remove read access to / and my $HOME
> De : Dan Kegel <dank at kegel.com> > ? : Randall Hopper <viznut at charter.net> > Cc : wine-users at winehq.org > Envoy? le : Jeudi, 17 Avril 2008, 0h14mn 03s > Objet : Re: [Wine] How to remove read access to / and my $HOME > > On Wed, Apr 16, 2008 at 3:00 PM, Randall Hopper wrote: > > |Sort of. By deleting the ~/.wine/dosdrives/z: symlink, you'll > > |make it a lot harder for malware to browse your system. > > |It's not foolproof, but give it a shot. > > > > Thanks, but I'd already done that. Inside IE6, File->Open->Browse... still > > lets me walk around inside of my entire Linux file system. > > > > I guess the question is, how do I get rid of the "/" folder (my Linux file > > system) which lives inside the top-level Desktop folder?: > > Ohhh. That. Yes. > > http://www.winehq.org/?issue=281#UnixFS%20for%20Windows%20Desktop > and > http://source.winehq.org/source/dlls/shell32/shfldr_unixfs.c#L118 > explain that you can disable that by deleting the registry key > HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Desktop\Namespace\{9D20AAE8-0625-44B0-9CA7-71889C2254D9} > > Does that do it for you? > >Hmm. It means that a program looking specifically for that would be able to reenable it at any moment. 1? Detect Wine, 2? Reenable unixfs unconditionally, 3? Do weird things with lots of unix files (especially if the user runs it as root)
Sylvain Petreolle skrev:> Hmm. > It means that a program looking specifically for that would be able to reenable it at any moment. > 1? Detect Wine, > 2? Reenable unixfs unconditionally, > 3? Do weird things with lots of unix files (especially if the user runs it as root)Why does that worry you? For anything Wine-aware, there's a far simpler way to get unlimited access to your Unix files. 1) Detect Wine 2) Do direct Linux syscalls 3) Profit Wine isn't a sandbox. There's no way you can prevent malicious software from accessing $HOME under Wine. Perhaps in the future it might be possible, if someone wrote some security module for Linux that only allowed syscalls from Wine builtin dlls and not PE native dlls or something, protected the dlls from being modified, and people otherwise tried to make Wine more secure. But for the time being, there's no shortage of attack vectors against Wine. (And yeah, definitely never run Wine as root.)