Slashdot Mirror

← Back to Stories (view on slashdot.org)

WINE: A New Place for KLEZ to Play?

Posted by michael on from the playing-with-fire dept.

An anonymous submitter sends in this cautionary tale about Wine being maybe a little too good at emulating Windows. Update: 10/23 21:05 GMT by M : Better links: mirror 1, mirror 2.

5 of 318 comments (clear)

  1. Slashdot crashed my machines by Anonymous Coward · · Score: 5, Informative

    On the footer of *every single page* at linuxguru.net, we specifically request that slashdot not link our stories because we can't handle the load.

    I now have two dead machines because they linked us anyways.

    -James Blackwell

    1. Re:Slashdot crashed my machines by OnyxRaven · · Score: 5, Informative

      ...moderated funny... gah.

      Aanyway, why not do what a few other sites do... in Apache just reject anything with a referer from slashdot.org domain. redirect it to something like a tripod page that says "your link has been rejected - linked from slashdot" or something.

      or heck, just drop the request. Make them mirror it.

      --
      --onyx--
  2. A similar writeup about Klez and WINE by Adam9 · · Score: 5, Informative

    Well, this article that I found here that discusses the limitations of Klez on WINE and how Sircam was able to run on WINE. All in all, it appears to be a limited threat.

  3. Re:Wine is not an emulator ... by SpamapS · · Score: 5, Informative

    Its not just "windows" that is susceptible to viruses. It is the API that is too trusting, and the file permissions. When you run wine, you generally own all of the files (default is ~/.wine/fake_windows). So you're going to be able to do anything you could on a windows box.

    Its not all that surprising that a virus would run without problems. Many of them do exploit actual bugs in the Windows code, but most of them just make regular old crappy Win32 API calls.

    --
    SpamapS -- Undernet #Linuxhelp
  4. Re:Uhhhh.... by Nailer · · Score: 5, Informative
    Yes, but if your day requires you to run Outlook 2000 throughout your day, then its not practical to shut Wine off (the Ximian Connector still doesn't do everything Outlook does with regards to Exchange).

    One mitigating factor: codeweavers do built in a protection against executable attachments in their winex product.

    • Run Office setup fro myour menu (thats ~/cxoffice/bin/officesetup)
    • Click configuration
    • Hit the advanced button
    • Notice the Outlook security tab, which is turned on by default. "prevent MS Outlook fro mrunning files with these extensions: vbs;wsf;vbe;wsh;hta;bat;pif;exe;scr;lnk"
    • Wait for StarOffice to get anough market share to have its own real viruses.