On Mon, Aug 12, 2013 at 10:40:48PM +0900, Andrew Church wrote:
Hi Marcus,
If it is not a high severe issue you can also just mail this mailinglist here (wine-devel).
Thanks for the info. As it turns out, it's an already-known issue (unixfs allows full host filesystem access through Windows APIs even if there's no equivalent dosdevices link -- reported as http://bugs.winehq.org/show_bug.cgi?id=22450) so I just added a comment onto the bug.
Depending on what attack scenario you envision, disabling unixfs is not enough.
If you want to avoid actually executed malware from accessing the UNIX fs directly, you are out of luck as the malware could just do systemcalls itself (int 0x80 on x86 for instance).
Remember Wine is made to execute Win32 code. ;)
If you think indirectly executed unixfs shellfolder accesses, this might be blocked by that, yes.
Ciao, Marcus