Security tip for when running windows software in wine

CaffeineAddict

Well-Known Member
Joined
Jan 21, 2024
Messages
986
Reaction score
674
Credits
7,958
I've been of opinion if I run Windows programs such or games in wine then I'm safe from potential malware in those programs
because windows malware doesn't run on Linux, but that's wrong.

Malware writers can write code to detect if their payload is running in wine, and according to that they can run specific code to compromise Linux.
Programs running in wine have access to Linux filesystem so they could ex. install spyware to your home directory which doesn't require root privileges.

A method how you can protect yourself from this scenario is by checking for existence of a digital certificate in a windows executable.

Most windows programs ship with digital certificate and this is how you know the executable has not been tampered with,
for instance pirated software is almost always guaranteed to be packed with malware, games for instance are always signed, if not they're cracked and so using them in wine doesn't save you from malware only because you're running Linux.

To check for certificate there is CLI tool called osslsigncode.

example usage:
Bash:
osslsigncode verify ./path/to/executable.exe

If the output says there is no certificate at all it's not safe to run it in wine.

On Debian it's as simple as:
Bash:
sudo apt install osslsigncode

See if your distro has it in repository, or otherwise you might need to compile it or install from some other repository.
 


for instance pirated software is almost always guaranteed to be packed with malware, games for instance are always signed, if not they're cracked and so using them in wine doesn't save you from malware only because you're running Linux.
Even better don't use pirated software, that includes games.

To check for certificate there is CLI tool called osslsigncode.
Another option is to run your game tools with something like Flatpak or another containerized solution and it seems like you can run Bottles as a Flatpak too if you were to want to run other Windows applications that way those applications would be containerized as well.
 
Another option is to run your game tools with something like Flatpak
I run all my gaming applications and proprietary apps as Flatpaks, the sand-boxing might not be perfect as I've read for containerized applications but it's still a sandbox and better than not running it in a sandbox for the specific use cases of those applications.
 
I don't use Wine or any apps that require mono, and never will. That's just me.
 

Members online


Latest posts

Top