how far can go a windows virus in linux using wine ??????
wich linux files are compromised ???? everything ??? just /home ?????


the autorun.inf viruses can affect me in linux ???


any experience with virus in linux ???

No,,,Windows viruses infect WINDOWS/Windows programs. Not Linux files. Some Google searching can answer this easily...

Windows worst virus attack the Windows system folders. Your windows system folders on Linux are in /home/user/.wine/drive_c/Windows/System32. You simple wipe out your wine folder and all virus are wiped out.
Windows virus are designed for windows and not Linux. Even if the virus tries to attack your home folder(documents) it's not going very far. The virus will have exactly the same privileges as you, so he can't do any harm on Linux system or program files(except if you run wine as root witch is a very bad idea and not recommended or necessary to run any application). Even in the remote possibility of a virus be design to attack Linux trough wine is not going very far. It cannot go behind your /home/user folder.

If you want to be worried at something be worried of social engineering. That's normally the worst menace to a Linux newbies or inexperienced user.

My impression only--I am not an expert.....A virus typically goes after the operating system---not the applications. With WINE, the Windows OS is not installed, so I'm not sure there is any real Virus threat.

There are virus that go after the OS, and there are virus that go after documents. The later kind can work trough wine since wine gives access to the documents.
Also some virus like Trojans and others do work trough wine.
There's an experiment of botnets trough the wine api. Check here http://it.slashdot.org/article.pl?sid=09/07/28/1958237

EDIT:
There's obviously no real treat to Linux. Although some files can be infected and a trojan can work each time a wine program is activated. For example spy-ware on a web application(Firefox or ie6).

Running Windows viruses with Wine article on Linux.com tackles this question.

well, really helpfull answers. thanks a lot.

what about a trojan, a backdoor virus. a tipical old virus that leave a backdoor so someone could control the infected PC.

this viruses can open ports and give someone remote shells ¿¿¿???? ,. what if they execute something like:

"sudo /bin/rm -rf /"

can they.

I know that if I have a compiled windows program like:

then compiled under windows and run in linux with wine, the program succesfully will run the script in the indicated path.

the attacker , that gets a remote shell , could go to the linux userspace ????, the root userspace ?

It doesn't work even if it runs with root privileges.

If you wanted something that will work on linux here's a virus for wine
For this to work it has to have 2 conditions assured:

* it must be run as root
* / must be mapped to the Z: partition

[CODE REMOVED BY MODERATOR]

I see nothing which indicates anyone on the thread wanting this. Even if someone did, posting it is a violation of the LQ Rules. You've been a member here for only about a month, so I presume you haven't had a chance to become acquainted with the way this sort of content is handled. As such, you're only receiving a warning this time. Please don't do this again.

Well. I'm aware of the rules, an I try to respect them. I posted the code because I believed that it was for learning purposes the code actually didn't do absolutely anything wrong or malicious.

The purpose of the post was to show how difficult and improbable is to run a virus trough wine since it had to be run as root and with the / mapped to Z:, conditions that normally do not apply. Also, the actually virus was missing in my code so I don't believe my code could be considered malicious in any part of the world.

I don't agree with your decision but I respect it. I will try to be more careful the next time.

ammorais, I have no reason to doubt what you're saying. Since I'm not a programmer, however, there's a limit to how much code reading I can do to determine whether the risk it represents to LQ is acceptable or not. In this case, your "here's a virus for wine" introduction raised enough red flags for me to decide that removing the code was in everyone's best interest.

Thanks for your cooperation, and for replying in such a respectful manner. Please don't hesitate to contact me via email if there's anything else you wish to discuss regarding this matter. Let's try and get the thread back on topic now.