Making Windows applications more secure

Category: Ubuntu

Making it easy to run Windows applications in Ubuntu also opens the door for all the Windows viruses and worms. So why not scanning Windows applications for viruses automatically? With the ClamAV bindings for python this is an easy task.

The winelauncher.py could be used as mime type handler for all Windows executables. If the file doesn't contain any viruses it would be marked as executable and started under wine after confirming a short dialog.

bzr branch http://glatzor.de/bzr/winelauncher

What about integrating linda into gdebi for third party Debian packages?

 

<- Back to: Blog

 

  1. Sebastian Heinlein

    Monday, 12-11-07 13:45

    To avoid a "false sense of security" there is no "this file is ok" dialog. The warning is only shown if we detect a virus. The scanning would only be done if you start a Windows exectuable from Nautilus. It would not be run if you have installed the application and start it from the menu. The idea is to make it harder for viruses or worms to get on the system.

  2. Peteris Krisjanis

    Sunday, 11-11-07 14:36

    I want to voice my support for idea generally. Maybe text could be less, or window, but in general idea is very good. Continue to push it. I would definitely wote for it to be included in Hardy.

  3. jonas jørgensen

    Friday, 09-11-07 17:42

    Am I the only one of the opinion that scanning windows executables gives more a false sense of security than actual security, and that it would mostly serve to propagate the myth that checking against a blacklist of known signatures is a suitable solution to microsoft's security problems, and that we absolutely should not install a virus scanner by default but instead let people know that they shouldn't run software that they don't absolutely trust? I mean, if you are not so certain about the virus-freeness of an executable that you would run it _without_ scanning, then you shouldn't run it after scanning either, because scanners can by their nature not know all possible viruses, and including a scanner would, I'm afraid, cause people to run programs that they might not otherwise run...

  4. Peter Vander Klippe

    Friday, 09-11-07 17:15

    I agree that this is a good idea, I'm just worried about the scanning time. Could you do it where the sha1 hash is generated for the executable and that is checked first? if the hash is the same then you don't need to virus scan the file.

    I'm completely assuming that the sha1 hashing process is faster then the clamAV scanning process. Is this true?

    Also, are you just clamAV scanning the exectutable? would it be good to scan the rest of the files? or at least anything chmod+x in the directory.

  5. Siegfried-Angel Gevatter Pujals

    Friday, 09-11-07 14:45

    Great idea! I'm looking forward to see this in Hardy (even if I won't use it). The only problem I see is the time it might take to scan the file, but I never used ClamAV so that might not be an issue.

    Also, I don't agree with Trevor. If they want to run a file that seems to be infected they can do it from the terminal. If they don't know how to type "wine ./whatever.exe" on a terminal then I assume that they are even more incapable of detecting if the file is really dangerous or not.

    Ah, and I've a question. If you run a infected file with Wine, can it affect your Ubuntu installation or only the "C" folder?
1 2 Next
 

CAPTCHA image for SPAM prevention