I think at best it should be up to the distribution to decide to enable additional security features, which is where most common users will get Wine from. Maybe display a warning on the download page?
(Gah, Reply to all, sorry Marcel.)
JL
On Tue, Feb 24, 2009 at 3:14 AM, Marcel Partap mpartap@gmx.net wrote:
What about having to mark the exe as +x before Wine will load it? That's easilly doable frame any sane filemanager and provides a good level of safety.. and Wine already does a good job of making sure installed programs get +x.
Wow it actually does, never noticed that up to now :O The problem would be with one of the more common use case: trying to start/install a program from an optical disc. The files will not be marked +x and the directories not be writable. This problem scenario is also rather specific to WiNE; not an issue for KDE f.e. whcih yesterday had a related change committed: .desktop files have to be marked as executable to be run on click now. Lively discussion about that is still ongoing on kde-core-devel.
Despite from the install-from-cdrom issue, few users that have (been) switched from windows to linux will know how to chmod +x a file, so wine would at least have to give them a hint (or even a button) to do it. But once it becomes easy, they will just get used to clicking it and not be consciously pondering if the action is safe or not. So while i think it'd make sense, i doubt it is a practical solution to require files to have the executable bit.
Maybe a better solution would be to introduce an optional dependency on ClamAV and tight integration with it - known malware could be filtered and distributors would have greater interest in contributing to continuous ClamAV signature updates..
regards marcel.
-- "Obstacles are those frightful things you see when you take your eyes off your goal." -- Henry Ford (1863-1947)
Change the world! Vote: http://hfopi.org/vote-future