On 22.08.2016 17:52, Bruno Jesus wrote:
On Mon, Aug 22, 2016 at 11:57 AM, Rosanne DiMesio dimesio@earthlink.net wrote:
On Mon, 22 Aug 2016 15:28:39 +0200 Jens Reyer jre.winesim@gmail.com wrote:
What are the security implications? Won't this make it easier for malware to execute without being Wine-aware, or am I just being paranoid?
We don't enable binfmt in Debian for exactly this reason (see https://bugs.debian.org/819255). So I'd also be interested in other opinions.
Hi, I don't understand the security implications yet. If I download a malware and run it like ./malware.exe or wine malware.exe what is the difference?
Whether you can accidentally do it manually? And if something else is able to start the exe?
Also in a file manager double clicking exe run wine correctly, why isn't this a security problem?
AFAIK for this you also need the desktop files (which afaik are packaged by winehq). I think desktop files need to be considered at the same time as binfmt support for their security implications.
What is a real example of a malware that benefits from this?
Having that would indeed help, I'm not really sure about this myself.
Greets jre