If you use Windows software on Ubuntu 10.04, chances are you’ve encountered the new feature in Lucid Lynx that prevents .exe files from being run without the executable bit set. This might be good and well for some users, but is it really the best approach to security? Here are some thoughts.
In the past, .exe files could be run simply by right-clicking and opening them with “Wine Windows Program Loader,” regardless of whether they had the Unix executable bit set. In Lucid, however, “Wine Windows Program Loader” doesn’t call the Windows emulator wine at all, but instead executes a utility named cautious-launcher, which presents this complaint when the .exe file lacks executable permissions:
Why this is bad
I’m all for a security policy that protects innocent users from running things they’ll regret. But I’m also a big fan of usability and user-friendliness, and the dialogue above is less than consistent with those values.
I’d venture a guess that the vast majority of people who download .exe files don’t want a lecture on Ubuntu’s security policy and how it helps protect them from malware. Nor do they want to read an exhaustive explanation of Unix permissions that doesn’t even mention how to make a file executable without using the command line.
Most users just want to run their program. Towards this end, the cautious-launcher dialogue should at least include a link to simple instructions for setting file permissions without having to use the terminal. Better yet, it should provide a button for setting the executable bit then and there. Or best of all, the utility could just take the Windows 7/Vista approach and ask for confirmation before executing the file in question.
The concept behind cautious-launcher is also bungled because you can’t set the executable bit for files on a CD or DVD. That’s a major, major problem that non-geeks can’t be expected to solve.
Conclusion
Granted, this is hardly the greatest of Ubuntu’s flaws. It’s also easy enough to get around cautious-launcher by calling wine directly.
All the same, this concept smacks of pedantry and represents the wrong direction for Ubuntu to take. If we want to bring Linux to the masses, we need to worry more about making it super-easy to get stuff done, and less about ensuring that everyone understands what the letters rwx mean.
Read More About This Topic
Share This Post
Tags: Security | Ubuntu 10.04 Lucid Lynx
Interact: Add a Comment | Trackback Link | Permalink
Subscribe: RSS Feed
This sucks when trying to install a game from CD, you can’t just set the file as executable.
the non-exec from CD is a separate bug — rockridge CDs should be marked as executable by gnome, but they’re not.
“…simply by right-clicking and opening them…” The problem is that Gnome makes no distinction between double-click (“open”) and “Run with a specific program…”. (Implicit action vs explicit action.) It’s all tied to MIME handlers, and defining a MIME handler for executable code is a bypass of Unix permissions.
“…best of all, the utility could just take the Windows 7/Vista approach and ask for confirmation…” The stated goal of the Ubuntu UI Design Team is to avoid irritating confirmation dialogs.
“…you can’t set the executable bit for files on a CD or DVD.” As you linked, this is a bug in udisks, not with how the cautious-launcher is designed.
“If we want to bring Linux to the masses…” then we should work on ways to not need a Windows emulator in the first place. If you want to bring Windows to the Linux masses, then Windows programs should be appropriately packaged to have the execute bit.
Agreed agreed agreed.
This is entirely the wrong approach.
It’s like the dialog box that says that a manufacturer’s official drivers “represent a risk to you” because they’re not open source. Puhleeeese. The open source drivers don’t support all of the hardware’s features, and are even more likely to contain bugs.
“If you want to bring Windows to the Linux masses, then Windows programs should be appropriately packaged to have the execute bit.”
You’re dreaming. You’re dreaming of snow in Death Valley. I sincerely doubt developers are suddenly going to decide this is important to them: the vast majority outside the Linux community I don’t think will ever bother.
It’s quite clear that most developers are going to chase after the profit margins, and at least for gaming, that’s Windows. (This is where Linux is getting spanked, repeatedly. I’m not interested in wave after wave of first-person shooter variants and supposed gems from earlier systems.) And I just don’t see how Apple’s current dominance in microdevice appliances is translating to new, easy-to-use stuff for Linux.
This is what has always bothered me about some segments of the geek community: talking intuition and “user friendliness” is like Dr. McCoy trying to explain something to Spock. I see failure after failure to relate to the non-savvy without being condescending, invoking “Grandma can run it just fine” or some variation, or using copious amounts of techspeak. Might as well say, “Highly illogical, Windows user, highly illogical.”
Robbie: right, this is only a bug with certain CDs whose files aren’t mounted with executable permissions. But when CDs are mounted correctly, all their files are executable and cautious-launcher is bypassed, defeating its purpose. So the way CDs are handled seems pretty flawed for reasons that transcend the way Gnome mounts the disks.
What are you talking about…if you have have such a thing as cautious-launcher installed then that’s you’re problem. Never heard of apt-get purge cautious-launcher?! Canonical/Ubuntu has never given any love to the WINE project anyway and that seems to be their stance.
Running a windows program from a cd/dvd is simple: just open it throught from wine’s application installer.
I strongly disagree with the poster. While we may think that linux is safe even when running Windows binaries we forget one thing, stupid users may have downloaded some exe files which could be viruses. Now you ask where is the problem and why cautious-launcher is a good idea? Ask yourself, does a windows virus really need root access to wreak havoc in your system? He would already have access to your home directory where it could delete everything. I have no lust to fix some unknown executables or things left by it, for the even less cautious people a virus can have access to every writable partition which may render all your files either unreadable or deleted. Notice that Windows was also going that way and they are changing it recently. And while i understand that more experienced users will know what they are doing then those less experienced could wreak havoc and then blame everything on linux which would result in a bad PR.
Even wine project policy is only to use wine to run programs that don’t have equal for you on Linux.
Really they could add a wine particular warning mono and so on. Wine case check appdb.winehq.org for this application before proceeding to enable excutable bit.
Some applications in wine need special setting to work. It would save many people ending up in the winehq support channels over simple issues.
“Windows 7/Vista approach and ask for confirmation before executing the file in question.” Secuirty wise does not work users sees the dialog clicks through never thinks twice. At least dropping a brickbat on them they think twice.
I say not to use wine and to wait for the Steam Linux client to be released, that way this conversation becomes irrelevant.
This is not a flaw. It’s a sane decades old security principle for downloads: they should *NOT* be executable by default.
The *user* must make the file executable so he doesn’t run an executable by accident.
It’s this kind of things that create an environment very hostile to virus/trojan/etc… attacks.
“Fixing” this would mean one step towards Windows 95 style of security.
Just *learn* the “new” things. It’s a different system, it’s supposed to be *different*. In this case, better, even.
Ever used right click -> properties to change permissions to a file, like you do it in, windows?
alt+F2 for run application
type wine, click ‘run with file’ and navigate to the .exe on your CD/DVD. Wine will execute the file.
I’ve never run into this before. Is this something new in 10.04?
aikiwolfie: yes, this is new in Lucid. Let’s hope its issues get addressed before Maverick!
Maybe I’ll just upgrade my laptop then.
This sucks big time.
I’ve just hit this “problem” for the first time when using Firefox to list items for sale on EBay. Try to upload a photo and BAM – I’m barred from using my own computer for what I want to do with it.
As I’m in a rush and there is no time to research and troubleshoot this issue, Ubuntu has quite literally forced me to go and use MS Windows XP just to go and get essential tasks done. This is very BAD.
Look – its like this. I have been using Ubuntu for nearly 5 years now, and for the last 3 and a half years or so its been my primary OS. But its not supposed to be an ideological tool, its supposed to be an OS to allow people to get work done. Ubuntu will never expand beyond its core (relatively small) userbase of the IT-savvy and on to “everyday” non-technical users if it can’t provide a viable alternative to MS Windows – and on the basis of these sorts of decisions, it is not. How many “moms and pops” are going to understand this issue and be able to deal with it? Answer – VIRTUALLY NONE.
Security always has to be balanced with usabilty, and on this one Ubuntu has got it way, way wrong. A bad, bad, bad decision.
Linux will only stay more secure than other desktops if it stays true to the Unix security model. This alteration in function makes sense within that framework.
Security measures often introduce inconvenience, but that doesn’t mean they shouldn’t be implemented. While many individual users may feel frustrated, many admins will see this as a big plus.
Though, at this late date in Ubuntu’s affair with Wine, the cautious-launcher should probably have offered the user the option of barging ahead, be it folly or not, rather than requiring that lame-o learning stuff and a whole additional operation.
I will have a solution for this/you soon – Explained later in the post, yet another demonstration how powerful tools *nix like systems have
But first some comments on comments some even stupid.
# jaklumen Says:
“If you want to bring Windows to the Linux masses, then Windows programs should be appropriately packaged to have the execute bit.”
You’re dreaming. You’re dreaming of snow in Death Valley. I sincerely doubt developers are suddenly going to decide this is important to them: the vast majority outside the Linux community I don’t think will ever bother.
Why on earth do you think so? Ubuntu even happens to be a distribution that does care about such things – it’s the first distro I personally saw wine install in the menu so that installed Windows programs have a submenu under programs where windows programs show like in Windows menu – personally I use CLI even for loads of common stuff, in which habit it means that I’m an example of those who care about things you claim we don’t.
Anyway, if you feel that way then what makes you want to spend time uselessly telling that – if you were right you could just continue in your Windows to do whatever actually matters to you.
It’s quite clear that most developers are going to chase after the profit margins, and at least for gaming, that’s Windows. (This is where Linux is getting spanked, repeatedly. I’m not interested in wave after wave of first-person shooter variants and supposed gems from earlier systems.) And I just don’t see how Apple’s current dominance in microdevice appliances is translating to new, easy-to-use stuff for Linux.
What does this has to do with Linux developers caring or not caring about the subject? Or did you misread the original post because now it seems you are talking about something else. Since this is not about apples microdevices (you said we are getting spanked in gaming on Windows) and it’s not where *desktop* Linux has anything to do – but we shall see how Android goes though it’s not a subject here.
I would imagine you understand that wine (and Cedega) have been made (and this article written) because we know we need to have windows programs and games running under wine, so what’s your point? We are not discussing about where and what is spanking Linux but about an issue on Windows programs support toolsets part on Linux.
This is what has always bothered me about some segments of the geek community: talking intuition and “user friendliness” is like Dr. McCoy trying to explain something to Spock. I see failure after failure to relate to the non-savvy without being condescending, invoking “Grandma can run it just fine” or some variation, or using copious amounts of techspeak. Might as well say, “Highly illogical, Windows user, highly illogical.”
Yeah, bothers me too… last time when a friend explained how his windows never has crashed (saw it crash that night) – now about 6 months later I’m equipped this laptop of his with Ubuntu and asked about dualboot – no, everything is easier and possible that he needs on this I hear. He did admit that now that he knows it indeed was illogical
**************
# Bender Says:
I strongly disagree with the poster. While we may think that linux is safe even when running Windows binaries we forget one thing, stupid users may have downloaded some exe files which could be viruses.
It’s true that providing (even if written from scratch and thus has propably at best a fraction of vulnerabilities that viruses use) Win API to run Win programs does provide security risk – still, in many test people have done most viruses just crash and none have managed to cause havoc under Wine. You can also enhance paranoid level and NOT define your home directory, let alone root directory as fake drives under Wine environment – just have .wine/drive_c and CD mount point and no malware can havoc outside those.
Now you ask where is the problem and why cautious-launcher is a good idea? Ask yourself, does a windows virus really need root access to wreak havoc in your system? He would already have access to your home directory where it could delete everything.
One thing that came to mind under 2 seconds was that a windows programs cannot start another one (in good nor bad intentions) unless you have set it executable – this is better “app starting another” protection that scripts have (none, a shell script can load or execute any file with script if it can read it).
I have no lust to fix some unknown executables or things left by it, for the even less cautious people a virus can have access to every writable partition which may render all your files either unreadable or deleted. Notice that Windows was also going that way and they are changing it recently. And while i understand that more experienced users will know what they are doing then those less experienced could wreak havoc and then blame everything on linux which would result in a bad PR.
Which would make cautious-launcher very good for such user who however know enough to install and use wine, no? Still providing numerous times safer runtime environment than Windows, no?
************************
# Rambo Tribble Says:
Though, at this late date in Ubuntu’s affair with Wine, the cautious-launcher should probably have offered the user the option of barging ahead, be it folly or not, rather than requiring that lame-o learning stuff and a whole additional operation.
I have a very simple, yet perfect solution – I have to fix my computer, but then I’ll code it.
Shell script is enough, then packacking it as .deb and sending to Ubuntu. See, instead of cautious-launcher there will be cautious-launcher.sh
It will check if the .exe is set executable – actually if it’s CD/DVD/Blue-Ray disc then script will look for gdialog 1st, then some other dialog programs meant to be called from script, last beging xdialog – after finding best available it will pop a dialog explain situation and asking wethever to start the program or not.
I would like especially hear the blogger himsef tell me, but everyone else too, is this as good idea for this I think it is? I personally don’t know a better 3rd party solution – I hope it will also become used, at least by blog author
robsku: interesting idea, although I’m skeptical Ubuntu would change the current approach. But I suppose you can always try once you’ve implemented your script.