11.1. Wine is malware-compatible
Just because Wine runs on a non-Windows OS doesn't mean you're protected from viruses, trojans, and other forms of malware.
There are several things you can do to protect yourself:
- Never run executables from sites you don't trust. Infections have already happened.
- In web browsers and mail clients, be suspicious of links to URLs you don't understand and trust.
- Never run any application (including Wine applications) as root (see above).
- Use a virus scanner, e.g. ClamAV is a free virus scanner you might consider using if you are worried about an infection; see also Ubuntu's notes on how to use ClamAV. No virus scanner is 100% effective, though.
- Consider removing the default Wine Z: drive, which maps to the unix root directory. This is only a weak defense, but it might help against some attacks. The downside to this is you won't be able to run Windows applications that aren't reachable from a Wine drive (like C: or D:). This includes inability to install wine-gecko (see bug 19873). A workaround is to copy/move/symlink downloaded installers to ~/.wine/drive_c before you can run them.
- If you're running applications that you suspect to be infected, run them as their own Linux user or in a virtual machine (the ZeroWine malware analyzer works this way).