https://bugs.winehq.org/show_bug.cgi?id=49701
Bug ID: 49701 Summary: Could you add a "Security" tab to the WINE Config window? Product: Wine Version: 5.14 Hardware: x86 OS: Linux Status: UNCONFIRMED Severity: enhancement Priority: P2 Component: -unknown Assignee: wine-bugs@winehq.org Reporter: 49studebaker@gmail.com Distribution: ---
There could be an option to enable/disable sandboxing. If a malware infected windows .exe is executed in Wine, the malicious code could be added to other windows programs. Could you make WINE sandbox each windows program by default? There could be an option to enable/disable access to windows encryption API's. A program could have it's own encryption library or built-in encryption code. WINE could prompt the user if he/she wants the program to encrypt other files. Certain folders could be marked as non-encryptable.
https://bugs.winehq.org/show_bug.cgi?id=49701
joaopa jeremielapuree@yahoo.fr changed:
What |Removed |Added ---------------------------------------------------------------------------- CC| |jeremielapuree@yahoo.fr
--- Comment #1 from joaopa jeremielapuree@yahoo.fr --- Is WINEPREFIX not enough for such a purpose?
https://bugs.winehq.org/show_bug.cgi?id=49701
Jactry Zeng jactry92@gmail.com changed:
What |Removed |Added ---------------------------------------------------------------------------- CC| |jactry92@gmail.com
https://bugs.winehq.org/show_bug.cgi?id=49701
Olivier F. R. Dierick o.dierick@piezo-forte.be changed:
What |Removed |Added ---------------------------------------------------------------------------- Resolution|--- |INVALID Status|UNCONFIRMED |RESOLVED CC| |o.dierick@piezo-forte.be
--- Comment #2 from Olivier F. R. Dierick o.dierick@piezo-forte.be --- Hello,
Please read point 7.4 (Is Wine malware-compatible?) and 7.5 (How good is Wine at sandboxing Windows apps?) in the Wine FAQ: https://wiki.winehq.org/FAQ#Is_Wine_malware-compatible.3F
Wine doesn't do any kind of sandboxing and that is outside the scope of the project.
The malicious code can do direct syscall to access all unix files with the permissions of the user running the application, effectively bypassing any security features that would be implemented in Wine.
A security tab has no purpose because Wine doesn't provide any security features.
As for preventing encryption of certain files or directories, that is impossible at the Wine level. Disabling Windows encryption API will NOT prevent malicious code to encrypt anything, using its own encryption code or even calling Unix(Linux) encryption API. Such an option would only break legit applications that calls the Windows Encryption API.
Security and sandboxing must be achieved at the Unix(Linux) level.
See bug 11421, bug 25537 and bug 45419 for further discussions.
Regards.
https://bugs.winehq.org/show_bug.cgi?id=49701
Austin English austinenglish@gmail.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Status|RESOLVED |CLOSED
--- Comment #3 from Austin English austinenglish@gmail.com --- Closing.
https://bugs.winehq.org/show_bug.cgi?id=49701
Austin English austinenglish@gmail.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Status|CLOSED |RESOLVED
--- Comment #4 from Austin English austinenglish@gmail.com --- Closing.
https://bugs.winehq.org/show_bug.cgi?id=49701
Gijs Vermeulen gijsvrm@gmail.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Status|RESOLVED |CLOSED
--- Comment #5 from Gijs Vermeulen gijsvrm@gmail.com --- Closing INVALID.
-
WineHQ Bugzilla