codeweavers meint dazu in einem
PDF :
"Viruses vs. Unix-based Operating Systems
A Wine user’s first line of defense against viruses is that they
simply don’t run under Wine. Why is this? After all, in theory,
programs that are vulnerable to virii—such as Outlook and Internet
Explorer—will retain those same vulnerabilities when running via
CrossOver. And if a Windows virus exploits a weakness in Internet
Explorer which allows it to upload code into memory and cause that
code to start execution, then that same weakness will theoretically
exist under Wine as well. Yet, again, in practice we have never
run into a single instance of this happening. On the face of it, this
seems incredible. Wine, after all is designed to be a general-purpose
Windows compatability solution. And while it doesn’t run all
Windows software yet, it does run a respectable percentage of them.
It would seem reasonable to assume that at least some Windows
viruses would run as well. Why don’t they? The answer has to do
with the specific nature of malware applications, and how they
interact with their target operating systems.
When you are running an application under CrossOver,
CrossOver serves as the intermediary between the application
and the operating system. Wine is constantly taking in requests
from the application for services, via the Win32 API (which
is Wine) and then translating those Windows requests into
something intelligible by the target OS (Linux or Mac OS X).
Under normal circumstances, Wine processes these requests
seamlessly, and the target OS satisfies the needs of the program.
By their very nature, though, Windows viruses are built to take
advantage of specific security holes in Windows. They rely upon
a very exact operating system configuration, and use certain
Windows-specific commands to do their dirty work. What
happens when a piece of Windows malware tries doing that
under CrossOver, though, is two-fold. First off, the vast majority
of the time the executable just doesn’t run. But even more
important, the chinks in the armor of Windows that the malware
is trying to address typically make no sense to a Unix-based OS.
In most cases, the particular weakness the virus is going after
probably doesn’t even exist in Unix.
Could a virus be written that would work under Wine? Again,
theoretically yes. But writing a virus to attack, say, a Mac via
CrossOver would require that
1) it went after specific security flaws in the Mac OS, but also
2) ran as a Windows executable, that
3) also ran flawlessly under CrossOver.
That’s a very tough
bill to fill. This is not to say that it wouldn’t be theoretically
possible to do, but in practice it’s very, very difficult.
Even if such a virus were crafted, it would still be constrained by
the Unix system as to the damage it could do. Since CrossOver is based operating systems.
Even better, your personal data (your documents, videos, etc.)
need not reside on Wine’s virtual C: drive at all. After all, one of
the benefits that Wine provides is being able to use the native file
system of the host computer, meaning that your personal data most
likely won’t be stored on the virtual C: drive in any case—it will
be located whereever you normally put your document files under,
say, OS X. Disinfecting a Wine C: drive is extremely easy, too.
Simply deleting the pair of CrossOver directories housing the C:
drive destroys the infection completely. "
Hört sich für mich nach theoretisch ist alles möglich; praktisch aber eher nicht.
