[Bug 25537] New: Wine allows access to / regardless configured ~/.wine/dosdevices

16 Dec 2010


      http://bugs.winehq.org/show_bug.cgi?id=25537
Summary: Wine allows access to / regardless configured
                    ~/.wine/dosdevices
           Product: Wine
           Version: 1.3.9
          Platform: All
        OS/Version: other
            Status: UNCONFIRMED
          Severity: critical
          Priority: P2
         Component: wineserver
        AssignedTo: wine-bugs@winehq.org
        ReportedBy: t.artem@mailcity.com
Probably since 1.3.8 or 1.3.9 any Windows application can open
(read/write/list/erase) any files in / (root) regardless user defined disk
devices (under ~/.wine/dosdevices).
It's a huge security issue, because in the past you could erase z: -> /
symbolic link and safely run any software (including malware).
This security measure has been removed without any explanations how to harden
your Wine PREFIX.
-- 
Configure bugmail: http://bugs.winehq.org/userprefs.cgi?tab=email
Do not reply to this email, post in Bugzilla using the
above URL to reply.
------- You are receiving this mail because: -------
You are watching all bug changes.

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

2003

2002

2001

[Bug 25537] New: Wine allows access to / regardless configured ~/.wine/dosdevices