https://bugs.winehq.org/show_bug.cgi?id=49024 Bug ID: 49024 Summary: Malicious software able to alter, infect and/or destroy personal files Product: Wine Version: unspecified Hardware: x86-64 OS: Linux Status: UNCONFIRMED Severity: major Priority: P2 Component: -unknown Assignee: wine-bugs(a)winehq.org Reporter: youtube(a)marcus-s.de Distribution: --- Hello, I might have discovered an issue with the current state of Wine execution of Windows programs. While Wine does run pretty well for what I need it, I have been pointed in the direction that it is also possible to execute malicious software to the same effect it has on Windows. Namely did I perform a test with the "WannaCry" ransomware on a non-live test bed - and have found that not only does it encrypt and destroy files in one's home folder (if standard Wine symlinks are kept in place), but also I found that files that lie outside of the Wine prefix are affected. For me, files in /tmp and a complete custom folder residing on the root level were also affected. I find this to be quite a security issue when Wine is also able to perform destructive code without any limitations. Steps to reproduce: - Install current version of Wine - Acquire a WannaCry (or other Virus) binary - Execute the binary - Observe results Expected result: - Security measure that prevents access to files and folders outside the Wine prefix unless specifically specified by user through Winecfg. Thanks, Marcus -- Do not reply to this email, post in Bugzilla using the above URL to reply. You are receiving this mail because: You are watching all bug changes.