CaffeineAddict
Well-Known Member
I've been of the opinion that if I run Windows programs such as games in Wine then I'm safe from potential malware in those programs
because Windows malware doesn't run on Linux, but that's wrong.
Malware writers can write code to detect if their payload is running in Wine, and depending on that they can run specific code to compromise Linux.
Programs running in Wine have access to the Linux filesystem, so they could, e.g., install spyware to your home directory, which doesn't require root privileges.
One way to protect yourself from this scenario is to check for the existence of a digital certificate in a Windows executable.
Most Windows programs ship with a digital certificate, and this is how you know the executable has not been tampered with.
For instance, pirated software is almost always guaranteed to be packed with malware; games, for instance, are always signed, and if not, they're cracked, so using them in Wine doesn't save you from malware only because you're running Linux.
To check for a certificate there is a CLI tool called osslsigncode.
Example usage:
Bash:
osslsigncode verify ./path/to/executable.exe
If the output says there is no certificate at all, it's not safe to run it in Wine.
On Debian it's as simple as:
Bash:
sudo apt install osslsigncode
See if your distro has it in its repository; otherwise you might need to compile it or install it from some other repository.
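
Added example, not part of the original post and not osslsigncode's code: what "has a certificate" means at the file level. An Authenticode signature sits in the PE certificate table (data directory 4), so the sketch below reports whether that table is present. It only detects an embedded blob; checking the hash and certificate chain is what `osslsigncode verify` does. The function names and the sample bytes from `make_pe` are constructed for illustration.

```python
import struct

CERT_DIR = 4          # IMAGE_DIRECTORY_ENTRY_SECURITY (certificate table)
PKCS_SIGNED = 0x0002  # WIN_CERT_TYPE_PKCS_SIGNED_DATA (Authenticode blob)

def embedded_signature(data: bytes):
    """Return (file_offset, size) of the signature blob, None if unsigned; ValueError if malformed."""
    try:
        if data[:2] != b"MZ":
            raise ValueError("missing MZ header")
        (pe_off,) = struct.unpack_from("<I", data, 0x3C)   # e_lfanew
        if data[pe_off:pe_off + 4] != b"PE\0\0":
            raise ValueError("missing PE signature")
        opt = pe_off + 24                 # skip "PE\0\0" and the 20-byte COFF header
        (magic,) = struct.unpack_from("<H", data, opt)
        if magic not in (0x10B, 0x20B):
            raise ValueError("unknown optional header magic")
        dirs = opt + (96 if magic == 0x10B else 112)       # PE32 vs PE32+
        (count,) = struct.unpack_from("<I", data, dirs - 4)
        if count <= CERT_DIR:
            return None
        # Unlike other directories, this "address" is a plain file offset.
        offset, size = struct.unpack_from("<II", data, dirs + 8 * CERT_DIR)
        if offset == 0 or size == 0:
            return None
        if size < 8 or offset + size > len(data):
            raise ValueError("certificate table lies outside the file")
        length, _rev, cert_type = struct.unpack_from("<IHH", data, offset)
        if length < 8 or length > size or cert_type != PKCS_SIGNED:
            raise ValueError("unexpected WIN_CERTIFICATE entry")
        return offset, size
    except struct.error as exc:
        raise ValueError("truncated PE header") from exc

def make_pe(signed: bool) -> bytes:
    """Constructed sample: a bare PE32+ header, optionally with a dummy blob."""
    dirs = bytearray(16 * 8)
    blob = struct.pack("<IHH", 24, 0x0200, PKCS_SIGNED) + b"\0" * 16
    if signed:
        struct.pack_into("<II", dirs, 8 * CERT_DIR, 328, len(blob))
    dos = b"MZ" + b"\0" * 0x3A + struct.pack("<I", 0x40)
    coff = struct.pack("<HHIIIHH", 0x8664, 0, 0, 0, 0, 240, 0x22)
    opt = struct.pack("<H", 0x20B) + b"\0" * 106 + struct.pack("<I", 16)
    return dos + b"PE\0\0" + coff + opt + bytes(dirs) + (blob if signed else b"")

if __name__ == "__main__":
    for label, sample in (("signed", make_pe(True)), ("unsigned", make_pe(False))):
        print(label, embedded_signature(sample))
```

A `None` result corresponds to the "no certificate at all" case in the post; a non-`None` result still needs `osslsigncode verify` before the file is trusted.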