
Question about WINE

post #1 of 22
Thread Starter 
a friend of mine, we were having a discussion tonight about wine, most here know i don't particularly care for it. he did ask a weird question that honestly sorta stumped me.

in theory, if you logged in as root, installed wine and say Firefox thru winetricks (not using the native FF), and you got a "virus" from web browsing thru it, what sort of damage could it do?

at first i was stumped, cause i was unable to answer him, has wine developed to the point where it can run deadly windows viruses and cause damage to linux?

i know it is pretty ignorant to run as root, but people do it, and as to why they would use wine FF over the native client, would baffle me, but it wouldn't surprise me if ppl did this.

to me it still wouldn't do any damage, as it would be expecting to find windows registry and windows files, in a windows directory structure, and even the windows kernel, i'd imagine it would eat a ton of resources for a few minutes, and then crash wine, anyone have any experience with this or thoughts?

i was half tempted to try this out in a vmware tonight.
post #2 of 22
I'd imagine the handlers that were built into the compatibility layer don't have the same kind of vulnerabilities as the standard windows handlers, but that's based purely on assumption.
post #3 of 22
Thread Starter 
been googling since i posted, seems to be a fairly common concern, there are a lot of "unlikely" circumstances that have to happen for it to do any real damage, best i can ascertain is that it will wreck the "c:" drive that is created as a folder in the .wine folder...
post #4 of 22
I presume you already know what a horrendously bad idea it is to run a certain Windows web browser?

As for what a program might be able to damage, the answer is, anything your user account has access to. That's not just Wine and all your installed Windoze programs, but all your other personal files as well.
post #5 of 22
hey error10

wouldn't it just tank the wine folders, ie wine's C, and so on, and any personal info accessible to Wine? i'm guessing though

definitely be something to try in a VM.
post #6 of 22
Quote:
Originally Posted by beers
I'd imagine the handlers that were built into the compatibility layer don't have the same kind of vulnerabilities as the standard windows handlers, but that's based purely on assumption.
this
post #7 of 22
Quote:
Originally Posted by -iceblade^
hey error10

wouldn't it just tank the wine folders, ie wine's C, and so on, and any personal info accessible to Wine? i'm guessing though

definitely be something to try in a VM.
Your entire home directory (and some other stuff like /tmp) is accessible to Wine. How much do you REALLY want to run Internet Explorer in Wine and visit www.b4tt1e.net?
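An added example, not written by anyone in this thread: a way to check the point made in the post above by listing which drive letters a Wine prefix maps and flagging the ones that resolve to host paths outside the prefix. It assumes Wine's usual layout, where the prefix holds a `dosdevices` directory of symlinks such as `c:` and `z:`; the function names and the sample prefix are constructed for illustration.

```shell
#!/usr/bin/env bash
# Added example: report which host paths a Wine prefix exposes as drive letters.

wine_exposed_drives() {
    # Prefix to inspect: argument, else $WINEPREFIX, else ~/.wine
    local prefix="${1:-${WINEPREFIX:-$HOME/.wine}}"
    local dosdev="$prefix/dosdevices"
    [ -d "$dosdev" ] || { echo "no dosdevices directory in $prefix" >&2; return 2; }

    if [ "$(id -u)" -eq 0 ]; then
        echo "warning: running as root, any HOST drive is writable everywhere" >&2
    fi

    local prefix_real link name target scope
    prefix_real="$(cd "$prefix" && pwd -P)"

    for link in "$dosdev"/*; do
        [ -L "$link" ] || continue
        name="$(basename "$link")"
        # Resolve to a physical directory; dangling links and device nodes are skipped.
        target="$(cd "$link" 2>/dev/null && pwd -P)" || continue
        case "$target" in
            "$prefix_real"|"$prefix_real"/*) scope="prefix" ;;  # stays inside the fake C: tree
            *)                               scope="HOST"   ;;  # reachable host directory
        esac
        printf '%s %s %s\n' "$name" "$scope" "$target"
    done
}

# Constructed sample prefix (not a real Wine install) so the example runs offline.
make_sample_prefix() {
    local p
    p="$(mktemp -d)"
    mkdir -p "$p/drive_c" "$p/dosdevices"
    ln -s ../drive_c "$p/dosdevices/c:"
    ln -s /          "$p/dosdevices/z:"
    echo "$p"
}

sample="$(make_sample_prefix)"
wine_exposed_drives "$sample"
rm -rf "$sample"
```

Any line marked `HOST` is a directory tree that a Windows program in that prefix can read and write with the permissions of the account running Wine.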
post #8 of 22
Thread Starter 
Quote:
Originally Posted by error10
Your entire home directory (and some other stuff like /tmp) is accessible to Wine. How much do you REALLY want to run Internet Explorer in Wine and visit www.b4tt1e.net?
i'm froggy, setting up a vbox now
post #9 of 22
for the most part no, unless it involves formatting/removing all files. Viruses attach themselves to known functions inside file types. This would be possible however we would need to know the file name/extension that has the exact same sect of code it attaches to.

If you get any of what I'm saying, it's basically the code base is too different and the virus would have to work/run on two separate sets of code. This is problematic because it would have to be twice as large. The person would also have to hope that people in linux would run the windows app in a way to be exploitable. Might as well write a linux virus at that point.

[edit] It's the same reason why the steam in game chat won't work. Code injection only works if you know where the memory pointers are, and you can only know that if you know how the memory pointers are working. Steam doesn't know that you're on linux so it's going to look for the code functions as if it's in windows, which won't work. A virus does the same thing, to memory and files, which doesn't work. The virus doesn't know that linux doesn't have .exe's, it also doesn't know that linux has different functions and what they are.
Edited by mushroomboy - 2/21/11 at 5:20pm
post #10 of 22
i imagine the file system would also cut back on a virus's usefulness lol ext4 vs ntfs might not be the happiest env for the viruses to run on

i've kinda thought about how much wine is progressing... but.... it really doesn't seem like it should be anything to worry about i can barely make stuff run that i want it to run, how the hell would a random virus run? lol

if you were running a browser and stuff though, i could see your browser getting hijacked via plugin or something of that sort... but it wouldn't be able to go any farther than that

in the future if wine really improves greatly like everyone wants it to then i could see the need to be running an AV when you decide to use wine for a stupid reason... BUT most everything you do in windows that can pickup a virus works just as well if not better in linux such as media stuff, downloading, torrenting, browsing... all that... so there shouldn't be any need to even worry