On 13/03/2008, Dan Kegel dank@kegel.com wrote:
On 3/13/08, L. Rahyen research@science.su wrote:
Separate user is enough if you don't have world writable files in yoursystem.
No, because the malware could root your Linux system using a local priv escalation exploit. You really want a totally isolated sandbox.
Do you know what the status of the ClamAv support is for malware detection through the Windows API?
Also, should this really map the Windows API to use Linux API for malware detection (http://lwn.net/Articles/260918/), or the Mac API, or other OS APIs if available? If none is provided, the Windows calls could use ClamAv as a fallback if available.
Also, should an effort be made to get Windows AV products working on Wine? This has the problem that they would likely require Windows kernel APIs that Wine isn't providing. It would also require testing.
In addition to AV support, should Wine use the Windows API to use a firewall if one is available on the OS that Wine is running?
- Reece