https://bugs.winehq.org/show_bug.cgi?id=47627
Bug ID: 47627 Summary: Lightweight real-time background malware scanner. Product: Wine Version: unspecified Hardware: x86-64 OS: Linux Status: UNCONFIRMED Severity: normal Priority: P2 Component: -unknown Assignee: wine-bugs@winehq.org Reporter: jebeld17@gmail.com Distribution: ---
With Wine being a Win32 compatibility later for Linux, it's safe to assume that some - even though not most - known viruses and malware may be able to run in Wine and affect files and data in the current Wine prefix, posing a possible risk to users.
As a precaution, Wine really should contain a small, lightweight anti-malware service to run in the background when the Wine prefix is in use to help find and neutralize potential threats as they happen and safeguard user data.
https://bugs.winehq.org/show_bug.cgi?id=47627
Zebediah Figura z.figura12@gmail.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Severity|normal |enhancement CC| |z.figura12@gmail.com
--- Comment #1 from Zebediah Figura z.figura12@gmail.com --- Not to say we don't care about security, but I suspect the likelihood of this happening is about the same as the likelihood of it happening to the host platforms that Wine is running on, minus several orders of magnitude due to priority. I also kind of doubt this is really within Wine's scope.
https://bugs.winehq.org/show_bug.cgi?id=47627
--- Comment #2 from Nikolay Sivov bunglehead@gmail.com --- Such malware scanner should run on host operating system, not wine.
https://bugs.winehq.org/show_bug.cgi?id=47627
--- Comment #3 from jebeld17@gmail.com --- Why should it be on the host OS if only the Wine user directories can be potentially infected?
https://bugs.winehq.org/show_bug.cgi?id=47627
--- Comment #4 from Nikolay Sivov bunglehead@gmail.com --- It's not limited to wine prefix, it could infect anything your user has access to. Also wine prefix is only a directory, like any other directory in your system that scanner would check.
https://bugs.winehq.org/show_bug.cgi?id=47627
--- Comment #5 from jebeld17@gmail.com --- (In reply to Nikolay Sivov from comment #4)
It's not limited to wine prefix, it could infect anything your user has access to. Also wine prefix is only a directory, like any other directory in your system that scanner would check.
I don't believe I've ever heard of a piece of Windows malware that can attack a [theoretical] UNIX host that may or may not exist.
https://bugs.winehq.org/show_bug.cgi?id=47627
--- Comment #6 from Zebediah Figura z.figura12@gmail.com --- The very nature of Wine means that a Windows application can execute the same code that an equivalent native application does, e.g. it can make direct system calls using "int 0x80" or "syscall". Wine is not, and cannot be, a container, or virtualization environment; it is in many respects no more and no less secure than its host.
https://bugs.winehq.org/show_bug.cgi?id=47627
--- Comment #7 from jebeld17@gmail.com --- Then what about adding a software dependency such as ClamAV and utilize it's on-access scan tech to scan the entire system Wine is installed on? This hands off the responsibility of scanning to a partner open source piece of software.
https://bugs.winehq.org/show_bug.cgi?id=47627
--- Comment #8 from Zebediah Figura z.figura12@gmail.com --- (In reply to jebeld17 from comment #7)
Then what about adding a software dependency such as ClamAV and utilize it's on-access scan tech to scan the entire system Wine is installed on? This hands off the responsibility of scanning to a partner open source piece of software.
The user, or the distribution, is free to do that, if they think it appropriate. It's outside of our scope.
https://bugs.winehq.org/show_bug.cgi?id=47627
--- Comment #9 from jebeld17@gmail.com --- Oh sorry, I did not know that. As an alternative option, it might be nice to bundle the latest build of ClamAV with Wine anyways, just in case. Users would still obtain database updates from ClamAV without the need to constantly update it on the Wine-end if you did it that way. :)
Just looking out for the community and trying to help solve problems. :)
https://bugs.winehq.org/show_bug.cgi?id=47627
--- Comment #10 from jebeld17@gmail.com --- Oh sorry, I did not know that. As an alternative option, it might be nice to bundle the latest build of ClamAV with Wine anyways, just in case. Users would still obtain database updates from ClamAV without the need to constantly update it on the Wine-end if you did it that way. :)
Just looking out for the community and trying to help solve problems. :)
https://bugs.winehq.org/show_bug.cgi?id=47627
Austin English austinenglish@gmail.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Status|UNCONFIRMED |RESOLVED Resolution|--- |WONTFIX
--- Comment #11 from Austin English austinenglish@gmail.com --- WONTFIX.
https://bugs.winehq.org/show_bug.cgi?id=47627
Austin English austinenglish@gmail.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Status|RESOLVED |CLOSED
--- Comment #12 from Austin English austinenglish@gmail.com --- Closing.
-
wine-bugs@winehq.org -
WineHQ Bugzilla