Ubuntu
wine package

Security Warning in Wine

Bug #213868 reported by Fred
2
Affects Status Importance Assigned to Milestone
wine (Ubuntu)
In Progress
Wishlist
Unassigned

Bug Description

Binary package hint: wine

Once, I accidentally ran an .exe file in Mozilla Firefox when I was browsing porno, I thought it was a video clip.

I think it should say something like "The publisher could not be verified. Are you sure you want to run this software?" [Run] [Cancel]

http://www.recsoft.com/images/WarnDSen.PNG

Tags: security wine
Revision history for this message
Scott Ritchie (scottritchie) wrote :

Yeah, importing the Windows security warnings for Firefox is definitely a good idea, especially after the user clicks "open" on the downloads pane.

This falls into the more general changes to opening with Wine outlined in the BetterIntegratedWineSpec.

Changed in wine:
assignee: nobody → scottritchie
importance: Undecided → Wishlist
status: New → In Progress
Revision history for this message
Stephan Rügamer (sruegamer) wrote :

Well,

I wonder how many people will just click "yeah, let's start this awesome movie which is actually a trojan horse, i don't care what windows is telling me, just because I want it so badly".

Seriously:

1. If you click on a movie file, or you think it's a movie file, and suddenly firefox/webbrowser of your choice, asks you to open an .exe file with wine, I think the default layer 8 firewall should alarm yourself. (OSI Model only goes up to 7, so think about layer 8 ;))
2. For having Windows Signature Handling in Wine, we need to have the positive checks too. Means, asking the user when he tries to start an .exe/.msi file, even when it's signed by a known authority, which windows does.
3. What we can easily achieve is, adding an UI wrapper before actually wine will start, but this won't prevent people from having heavily SM Games during pr0n browsing on the internet.

What we have to think about is: Wine is not an emulator. It gives users the possibility to run windows applications...it shouldn't be handled as replacement for cheap windows running on Linux. It's a tool not a replacement for an expensive windows license.

regards,

\sh

PS: But yes, I tend to prevent people from commiting suicide, but this is not always their wish.

Scott Ritchie (scottritchie)
Changed in wine:
assignee: scottritchie → nobody
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.