Virus with WINE

[geoffry]

Forgive me if this is a dumb question (it probably is), but if I got a virus using WINE, all the windows based programs / files would be vulnerable to the virus correct?

However, since a Windows virus would be absolutely lost in a Linux environment it could do zero harm to linux apps / files, correct?

 

[Nothinman]

Well it won't be able to infect your Linux binaries/libraries and if it puts itself in the pseudo-Windows startup directories that won't do anything. But if it messes with your data files like audio, video, etc it'll still be able to do things to them. Depending on how you have WINE configured, but /home is mounted to a drive letter by default IIRC.

 

[Schadenfroh]

I am doing some research into that area now as a matter of fact (I have a PC sitting behind me that is executing Windows viruses via wine and monitoring their execution). Out of the hundreds of viruses that I had in the library, only about 50 executed without crashing immediately (and actually did meaningful activity). Some even placed icons on my desktop

Use chmod a-w to ensure that the viruses cannot mess with vulnerable files. As stated above, they "should" not screw with your Linux binaries / libraries.

Finally tally was out of over 450+ viruses, only 42 executed.

 

[geoffry]

Thanks for the input guys, very helpful.

 

[JohnOfSheffield]

Last time i came across a virus, running it in WINE pretty much didn't do anything (it crashed the environment), the environment is very controlled in WINE, but if unsure there are a multitude of virus scanners that work in Linux.

Anyway, a good thing to do is to set every windows binary to R and nothing else that way it won't affect them, video files and other files are less vulnterable and if you only play them in your native Linux environment it won't matter much.

If you're still worried, install clam and do a scan. I know crossposting isn't allowed but i doubt anyone would blame you for crossposting this one in the securtity forum.

 

[geoffry]

Thanks guys.

I've been dabbling with Ubuntu since 7.10 and have been impressed. I'm also quite excited about 9.04 and the web services that might come with it, along with the super fast ext4 file system.

I downloaded the Windows 7 beta but haven't installed it yet, I'm thinking Vista might be the last MSFT OS I'll buy unless something changes dramatically, Vista will have DX11 and I've got a bunch of XP and Vista licenses which should do me for awhile.

OS X is pretty good on my mac but I love the open source software movement.

 

[JohnOfSheffield]

Originally posted by: geoffry
Thanks guys.

I've been dabbling with Ubuntu since 7.10 and have been impressed. I'm also quite excited about 9.04 and the web services that might come with it, along with the super fast ext4 file system.

I downloaded the Windows 7 beta but haven't installed it yet, I'm thinking Vista might be the last MSFT OS I'll buy unless something changes dramatically, Vista will have DX11 and I've got a bunch of XP and Vista licenses which should do me for awhile.

OS X is pretty good on my mac but I love the open source software movement.

Where i'm at i really have no ability to choose what OS i'm running but at home i run Arch Linux, i kinda like how it has rolling updates and introduces the latest after testing (unless you choose to enable testing packages) but Ubuntu is a fine distribution and probably easier to handle for those who are less versed in the world of OSS, for me it's a nightmare though..

 

[geoffry]

Originally posted by: Schadenfroh
I am doing some research into that area now as a matter of fact (I have a PC sitting behind me that is executing Windows viruses via wine and monitoring their execution). Out of the hundreds of viruses that I had in the library, only about 50 executed without crashing immediately (and actually did meaningful activity). Some even placed icons on my desktop

Use chmod a-w to ensure that the viruses cannot mess with vulnerable files. As stated above, they "should" not screw with your Linux binaries / libraries.

Finally tally was out of over 450+ viruses, only 42 executed.

Thanks for the update on the final data.