Re: [suse-security] OT:[suse-security] don't put'em togheter...
Hi, Miguel Albuquerque wrote:
"SuSE Linux is developing a desktop Linux distribution that will allow Windows users to continue using (some of) their Windows applications, including Microsoft Office. The SuSE Linux Office Desktop will be available for $129 in January, and will include Acronis OS Selector for disk partitioning during installation and Codeweavers CrossOver Office for Windows API emulation."
--snip---
What's next? SuSEXP? Sorry, for this posting but I'm getting scared...
get scared about the "Thought police", not about SuSE. It's a good move, that will probably do GNU/Linux a lot of good in the end, especially when previous Windows users actually get to see there's a better alternative, and a better alternative to keeping a piggy-back M$ Office. A software I use (no, an alternative doesn't exist yet) needs Windows and uses M$ Office as a kind of import interface, nothing more, and it will be very nice not having to twiddle about in Wine registry more than necessary. What would interest me, and what worries me, is if and what security implications this has. BR, Gudmund
Hi again, Gudmund Areskoug wrote:
What would interest me, and what worries me, is if and what security implications this has.
answering myself, didn't have to go very far: http://articles.linuxguru.net/view/198/?PHPSESSID=d1ad0635NjsF (Klez works in WINE). Seems like anything Windoze needs to be kept in some kind of safe quarantine environment... BR, Gudmund
On Wed, Oct 30, 2002 at 05:56:35PM +0100, Gudmund Areskoug wrote:
answering myself, didn't have to go very far: http://articles.linuxguru.net/view/198/?PHPSESSID=d1ad0635NjsF (Klez works in WINE).
This article is utter and complete baloney BTW. Even if you associate WINE with the ms-dos executable mime type, you will have to press return when asked whether to "open" the attachment using WINE. (And I very much doubt that Klez actually _works_ in WINE - they may have heard a whirring noise and seen WINE popping up. That doesn't mean it's actually propagating. To do so it would probably need some sort of mail configuration in its Windows sandbox). Olaf -- Olaf Kirch | Anyone who has had to work with X.509 has probably okir@suse.de | experienced what can best be described as ---------------+ ISO water torture. -- Peter Gutmann
Hi, Olaf Kirch wrote:
On Wed, Oct 30, 2002 at 05:56:35PM +0100, Gudmund Areskoug wrote:
answering myself, didn't have to go very far: http://articles.linuxguru.net/view/198/?PHPSESSID=d1ad0635NjsF (Klez works in WINE).
This article is utter and complete baloney BTW. Even if you associate WINE with the ms-dos executable mime type, you will have to press return when asked whether to "open" the attachment using WINE.
well, there's no protection against stupidity...
(And I very much doubt that Klez actually _works_ in WINE - they may have heard a whirring noise and seen WINE popping up. That doesn't mean it's actually propagating. To do so it would probably need some sort of mail configuration in its Windows sandbox).
Thanks for pointing it out, I'll do two things: - read up more carefully - keep my "disaster area" computer ready for trying it out next time someone sends me one of those thingies. BR, Gudmund
On Thu, 2002-10-31 at 09:44, Gudmund Areskoug wrote:
This article is utter and complete baloney BTW. Even if you associate WINE with the ms-dos executable mime type, you will have to press return when asked whether to "open" the attachment using WINE.
well, there's no protection against stupidity...
Wasn't there some noise about KMail doing this by itself recently, if configured badly?
(And I very much doubt that Klez actually _works_ in WINE - they may have heard a whirring noise and seen WINE popping up. That doesn't mean it's actually propagating. To do so it would probably need some sort of mail configuration in its Windows sandbox).
Thanks for pointing it out, I'll do two things:
- read up more carefully - keep my "disaster area" computer ready for trying it out next time someone sends me one of those thingies.
I've infected WINE with a few .exe style virii, just out of interest. Anyone fool enough to run Outlook on it should expect to get hit. For the careful people, I'd suggest setting the wine drive paths to your "sandbox" (~/.wine/fake_windows by default?), and remove the /, ~/, /tmp and so on mappings so it doesn't have access to your other stuff - eg, just let it use C:. The downside is that you lose access to your files from wine, but that's the point isn't it? You'd need to use a "transfer" directory that WINE has access to.
well, there's no protection against stupidity...
Wasn't there some noise about KMail doing this by itself recently, if configured badly?
You probably can configure KDE to execute DOS apps included as an attachment without the "Open with" box popping up. But the same is true for application/x-sh-script or application/x-manpage or whatever - this is not specific to windows worms. You are even free to not have a root password on your machine. This entire "KMail will spread Windows worms" issue is FUD if you ask me. Olaf -- Olaf Kirch | Anyone who has had to work with X.509 has probably okir@suse.de | experienced what can best be described as ---------------+ ISO water torture. -- Peter Gutmann
participants (3)
-
Gudmund Areskoug -
Olaf Kirch -
Richard Barrington