PDA

View Full Version : Malware under WINE?



Aloone
11th December 2009, 01:06 AM
Is it possible for malware to run under WINE?

I know that it couldn't actually damage the Linux system but surely other nasty things could happen if malware gets in there:


A worm could email copies of itself to other emails
Spyware could scan my hard drive for credit card details.
A trojan could download loads of child porn which could get be put in prison of beaten to death by an angry mob.

All of the above can take place without root access.

I'm generally quite careful about what I install but perhaps I should apply the same caution to WINE?

I might look into installing ClamAV on Fedora so I can scan all Windows software before installing it under WINE.

Does anyone else here know about this?

Have you personally suffered from malware running under WINE?

Milena
11th December 2009, 01:29 AM
wine is a translation layer and not an emulation of the windows kernel therefore windows malware, trojans and viruses can only run to some extent but yea they could of course download said illegal material and get you jailed if you catch or execute something real bad :p be aware of what you run in wine and what not, it also helps to have separate prefixes for everything you install, that can somewhat isolate the bad bug and check with clamav if you feel like it. it is very unlikely that something started within wine becomes dangerous for your fedora system. never run wine as root btw.

Rainulf
11th December 2009, 05:13 AM
I think it all comes down to common sense. Primary reason how most people get malwares and spywares is because they're stupid. They keep opening and opening and opening files. I don't really know how WINE works, but I heard that it does catch up some of Windows' nasty stuff. In the end man, just be cautious of what you run..

stevea
11th December 2009, 06:31 AM
Just for grins, i was running IE6.5 from the Tatanka website under wine I was did successfully get a virus installed under wine ! So yes Wine can be compromised the same ways Windoze is compromised. About 99% fromemail clients, browsers ,downloads and naughty services.

Aloone
11th December 2009, 02:45 PM
Don't you mean IE 5.5? There isn't IE 6.5, unless there's something I've missed.

I'm still trying to get IE to work under Fedora, I've tried IEs4Linux without any success, WINE just crashes.

How would I clean an infected WINE installation?

Milena
11th December 2009, 02:54 PM
How would I clean an infected WINE installation?

delete the wine folder in your /home would be the easiest and safest way
like mentioned above its not recommend to use the default ~/.wine folder for everything you install.
create clean and separate prefixes with:


wineprefixcreate --prefix /home/<user>/mywineapp

and to start apps in different prefixes:


env WINEPREFIX="/home/<user>/mywineapp" wine app.exe

Aloone
26th December 2009, 06:10 PM
Just got IE 6 running uner Linux.

The problem was I had told it to install flash but it didn't like it, I'll have a go at doing it manually.

Now I have to be careful what sites I visit using IE. :D

I think installing IE under Linux is great because it means I can use some of those annoying IE only sites.