[ozar]

I'm not sure about this, but I have a strong feeling that maybe 75% (or more) new Linux users are routinely running as root user.

It's almost like a disease... the dreaded "root disease" I guess you could call it!

[i92guboj]

It's not difficult to understand: The virus will run with the same priviledges of the user who's running wine.

So, basically, if you run wine as root, then the virus is running as root. If you run wine as a user, it will have the exact same permissions of that user. That means that it can infect all the programs that wine can see and write to, which usually are in $HOME/.wine/c_drive/.... But wine can also access all the stuff in $HOME/, and that means that it can completely wipe your docs, movies, porn, homework, family photo albums, etc etc.

That is why I usually recommend running wine as a separate user if you have valuable stuff in your $HOME and don't do backups. It's a very easy preventive meassure that can really save you some pain.

The fact that the files, are linux files, doesn't mean anything, because wine translates all the calls, including malicious ones.

[ozar]

Quote:

Originally Posted by i92guboj

That is why I usually recommend running wine as a separate user if you have valuable stuff in your $HOME and don't do backups. It's a very easy preventive meassure that can really save you some pain.

I don't personally run wine at all, but that sounds like a great idea for those that do. It's easy, and makes good sense, to me.

[i92guboj]

Quote:

Originally Posted by ozar

I don't personally run wine at all, but that sounds like a great idea for those that do. It's easy, and makes good sense, to me.

Yes. If you don't want to be using su all the time, then setup sudo. In some distros you might need to manually set the $DISPLAY to run X programs as another user than the owner of the session. Of course, you can just start another session on another vt as well, if you preffer that.

As long as that user can't write on the home for your main user, you'll be safe from windows viruses even if they hit you.

[valan]

What we need is a cross platform virus. One that's aware and keeps up to date on issues that are exploitable on both Windows and Linux, maybe even Mac while we're at it. Open source would be a requirement, so others could add exploits to make it more spreadable. Perhaps set it up on Sourceforge or something with cvs acccess...

Oh, wait. Run ClamAV or something, and limit your use of root. You might also change the name of root, many times something will look for the user root instead of UID 0, and if you change the name of UID 0 to something more fun then stuff gets confused. If you get a virus somehow or are cracked, then not having root might confuse the virus or cracker enough for them to leave you alone.

As far as Wine goes, there's sure to be viruses that don't to completely obscure low level Windows stuff that Wine CAN run, so watch out. And use ClamAV or some sort of protection.

[anomie]

Quote:

Originally Posted by JTB7

Can Wine get a virus?

Yes. As mentioned in this thread, it's possible for an OS-level infection to cause your wine installation issues, or for malware to (potentially) arbitrarily run commands as the user wine is running under. This is a problem for any application not tightly constrained by MAC.

Another, perhaps more deadly problem, is an application-level infection. How about an IE exploit that somehow captures authentication credentials or performs cross-site scripting attacks? Well, guess what: the malware doesn't care if you're running Windows or running Windows under emulation.

As operating systems get more and more hardened (yes, even Windows), malware writers are attacking the application stack with more frequency.

[JTB7]

Thanks for all the help. I thought wine was an emulator, so it couldn't get a virus, but I was guess not. Good thing I checked here first before running it.

[techieMoe]

Quote:

Originally Posted by JTB7

Thanks for all the help. I thought wine was an emulator, so it couldn't get a virus, but I was guess not. Good thing I checked here first before running it.

The name WINE actually means: "WINE Is Not an Emulator."

[i92guboj]

Yep. You can think of it more like a translator. It just translates standard windows and directx api calls into linux/X stuff. In *some sense*, windows applications runs natively unders linux using wine

Wine is not a traditional emulator. Most emulators run into a confined jail, sandbox or environment, and from within them, you can't reach the host OS. But wine can, and that is what makes it both powerful and potentially dangerous sometimes.

However, most viruses will relly on peculiarities that are only present on true windows systems, and so, they might not work under wine. But that's just an assumption, and a virus that's designed on a clean and smart way will work without a problem.

Anyway, unless you use potentially dangerous software with wine (IE, or any other thing that connects to the net), you shouldn't need to worry.