[Bug 47627] New: Lightweight real-time background malware scanner.
https://bugs.winehq.org/show_bug.cgi?id=47627 Bug ID: 47627 Summary: Lightweight real-time background malware scanner. Product: Wine Version: unspecified Hardware: x86-64 OS: Linux Status: UNCONFIRMED Severity: normal Priority: P2 Component: -unknown Assignee: wine-bugs(a)winehq.org Reporter: jebeld17(a)gmail.com Distribution: --- With Wine being a Win32 compatibility later for Linux, it's safe to assume that some - even though not most - known viruses and malware may be able to run in Wine and affect files and data in the current Wine prefix, posing a possible risk to users. As a precaution, Wine really should contain a small, lightweight anti-malware service to run in the background when the Wine prefix is in use to help find and neutralize potential threats as they happen and safeguard user data. -- Do not reply to this email, post in Bugzilla using the above URL to reply. You are receiving this mail because: You are watching all bug changes.
https://bugs.winehq.org/show_bug.cgi?id=47627 Zebediah Figura <z.figura12(a)gmail.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Severity|normal |enhancement CC| |z.figura12(a)gmail.com --- Comment #1 from Zebediah Figura <z.figura12(a)gmail.com> --- Not to say we don't care about security, but I suspect the likelihood of this happening is about the same as the likelihood of it happening to the host platforms that Wine is running on, minus several orders of magnitude due to priority. I also kind of doubt this is really within Wine's scope. -- Do not reply to this email, post in Bugzilla using the above URL to reply. You are receiving this mail because: You are watching all bug changes.
https://bugs.winehq.org/show_bug.cgi?id=47627 --- Comment #2 from Nikolay Sivov <bunglehead(a)gmail.com> --- Such malware scanner should run on host operating system, not wine. -- Do not reply to this email, post in Bugzilla using the above URL to reply. You are receiving this mail because: You are watching all bug changes.
https://bugs.winehq.org/show_bug.cgi?id=47627 --- Comment #3 from jebeld17(a)gmail.com --- Why should it be on the host OS if only the Wine user directories can be potentially infected? -- Do not reply to this email, post in Bugzilla using the above URL to reply. You are receiving this mail because: You are watching all bug changes.
https://bugs.winehq.org/show_bug.cgi?id=47627 --- Comment #4 from Nikolay Sivov <bunglehead(a)gmail.com> --- It's not limited to wine prefix, it could infect anything your user has access to. Also wine prefix is only a directory, like any other directory in your system that scanner would check. -- Do not reply to this email, post in Bugzilla using the above URL to reply. You are receiving this mail because: You are watching all bug changes.
https://bugs.winehq.org/show_bug.cgi?id=47627 --- Comment #5 from jebeld17(a)gmail.com --- (In reply to Nikolay Sivov from comment #4)
It's not limited to wine prefix, it could infect anything your user has access to. Also wine prefix is only a directory, like any other directory in your system that scanner would check.
I don't believe I've ever heard of a piece of Windows malware that can attack a [theoretical] UNIX host that may or may not exist. -- Do not reply to this email, post in Bugzilla using the above URL to reply. You are receiving this mail because: You are watching all bug changes.
https://bugs.winehq.org/show_bug.cgi?id=47627 --- Comment #6 from Zebediah Figura <z.figura12(a)gmail.com> --- The very nature of Wine means that a Windows application can execute the same code that an equivalent native application does, e.g. it can make direct system calls using "int 0x80" or "syscall". Wine is not, and cannot be, a container, or virtualization environment; it is in many respects no more and no less secure than its host. -- Do not reply to this email, post in Bugzilla using the above URL to reply. You are receiving this mail because: You are watching all bug changes.
https://bugs.winehq.org/show_bug.cgi?id=47627 --- Comment #7 from jebeld17(a)gmail.com --- Then what about adding a software dependency such as ClamAV and utilize it's on-access scan tech to scan the entire system Wine is installed on? This hands off the responsibility of scanning to a partner open source piece of software. -- Do not reply to this email, post in Bugzilla using the above URL to reply. You are receiving this mail because: You are watching all bug changes.
https://bugs.winehq.org/show_bug.cgi?id=47627 --- Comment #8 from Zebediah Figura <z.figura12(a)gmail.com> --- (In reply to jebeld17 from comment #7)
Then what about adding a software dependency such as ClamAV and utilize it's on-access scan tech to scan the entire system Wine is installed on? This hands off the responsibility of scanning to a partner open source piece of software.
The user, or the distribution, is free to do that, if they think it appropriate. It's outside of our scope. -- Do not reply to this email, post in Bugzilla using the above URL to reply. You are receiving this mail because: You are watching all bug changes.
https://bugs.winehq.org/show_bug.cgi?id=47627 --- Comment #9 from jebeld17(a)gmail.com --- Oh sorry, I did not know that. As an alternative option, it might be nice to bundle the latest build of ClamAV with Wine anyways, just in case. Users would still obtain database updates from ClamAV without the need to constantly update it on the Wine-end if you did it that way. :) Just looking out for the community and trying to help solve problems. :) -- Do not reply to this email, post in Bugzilla using the above URL to reply. You are receiving this mail because: You are watching all bug changes.
https://bugs.winehq.org/show_bug.cgi?id=47627 --- Comment #10 from jebeld17(a)gmail.com --- Oh sorry, I did not know that. As an alternative option, it might be nice to bundle the latest build of ClamAV with Wine anyways, just in case. Users would still obtain database updates from ClamAV without the need to constantly update it on the Wine-end if you did it that way. :) Just looking out for the community and trying to help solve problems. :) -- Do not reply to this email, post in Bugzilla using the above URL to reply. You are receiving this mail because: You are watching all bug changes.
https://bugs.winehq.org/show_bug.cgi?id=47627 Austin English <austinenglish(a)gmail.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|UNCONFIRMED |RESOLVED Resolution|--- |WONTFIX --- Comment #11 from Austin English <austinenglish(a)gmail.com> --- WONTFIX. -- Do not reply to this email, post in Bugzilla using the above URL to reply. You are receiving this mail because: You are watching all bug changes.
https://bugs.winehq.org/show_bug.cgi?id=47627 Austin English <austinenglish(a)gmail.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|RESOLVED |CLOSED --- Comment #12 from Austin English <austinenglish(a)gmail.com> --- Closing. -- Do not reply to this email, post in Bugzilla using the above URL to reply. You are receiving this mail because: You are watching all bug changes.
participants (2)
-
wine-bugs@winehq.org -
WineHQ Bugzilla