« I’m looking forward to KDE 4.
It has become a tool like any other. »

Is it safe to run IE7 on Linux using WINE?

I read an article today about using Internet Explorer 7 on Linux. I haven’t tried it yet, but it seems to use WINE in order to actually run the web browser.

I can see how this would be very useful for many web developers. It would allow them to develop their sites on Linux, test with Firefox, Seamonkey, Opera, and other browsers that run natively on Linux. Then they could immediately test with IE7 from the same computer, all without having to reboot into Windows.

But I have to ask, is this a safe thing to be doing? I’m not overly familiar with Windows and its many security issues. I do know from experience that Internet Explorer 6 allows malware to easily infest an improperly protected Windows system. I don’t know how much things have improved with IE7, but considering the past track record of Internet Explorer and Microsoft, I feel it is necessary to be cautious.

Likewise, I do not know if WINE is vulnerable to some of the same security problems that Windows is, just as a result of having a very similar architecture. So I have to ask, is it possible for a Linux installation to be damaged or compromised after installing Internet Explorer 7 and using that browser to browse a malicious web site? Or is there just enough of a difference between WINE and an actual Windows system that WINE does not suffer from the same security issues we have some to associate with Windows?

This entry was posted on Monday, January 8th, 2007 at 11:38 pm and is filed under Internet Explorer, Linux, Windows. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

3 Responses to “Is it safe to run IE7 on Linux using WINE?”

  1. pablasso Says:
    January 9th, 2007 at 8:29 am

    lol.. of course it’s safe

  2. DaCrayZeeOne Says:
    January 10th, 2007 at 9:43 am

    DISCLAIMER: I believe the following to be true, however I could quite easily be wrong.

    The malware could not compromise the system itself (unless it knew of a Linux exploit it could perform locally, perhaps over local network), however it could delete any and all data owned by the user running WINE. This can only happen, however, within the drives mapped by WINE, normally ~/.wine/drive_c/ or similar. Symlinks may allow exiting from this (I don’t know), however. Many WINE installs also have a Z: drive mapped to /, which would allow deleting (or amending) of any file on the system that can be deleted (or amended) by the user running WINE.

    So, if you are worried about security, only map drives in protected folders, with contents you can afford to lose.

    One more thing: many malware try and infect system files. WINE emulates a lot of the system files. Thus, malware cannot actually infect them (depending on the [builtin,native] orders), meaning that it is much harder to infect a WINE Windows system with malware than a real Windows system.

    Hope this helps,

    DaCrayZeeOne.

  3. Gabriel Says:
    October 9th, 2007 at 10:38 am

    If you want to be sure that your version of IE is safe.

    - Create a new user
    - Install IE on this new user
    - Log with your normal user
    - Do a “xhost +”
    - sudo -u yourIEUser wine “YourPathToIE”

Leave a Reply

*
To protect against spam, please type the word in the picture. Click on the picture to hear an audio file of the word.
Click to hear an audio file of the anti-spam word