DOSBox for Windows doesn't have valid signature

A general chat area, here you can post anything that doesn't belong in another forum.
Post Reply
SupFanat
Vortininja
Posts: 210
Joined: Mon Jun 02, 2008 15:00

DOSBox for Windows doesn't have valid signature

Post by SupFanat » Thu Mar 05, 2015 14:32

It's shown as "unknow publisher" in Windows 7.

Keening_Product
Kuliwho?
Posts: 2092
Joined: Fri Jan 20, 2012 7:02
Location: Tied up in the Oracle Chamber's basement
Contact:

Post by Keening_Product » Thu Mar 05, 2015 23:29

There is a lot of software that prompts that response from Windows. Just so long as you're sure it's from the source you think you're getting it from you should be fine.
"Wise words. One day I may even understand what they mean." - Levellass

SupFanat
Vortininja
Posts: 210
Joined: Mon Jun 02, 2008 15:00

Post by SupFanat » Fri Mar 06, 2015 1:20

Keening_Product wrote:There is a lot of software that prompts that response from Windows. Just so long as you're sure it's from the source you think you're getting it from you should be fine.
The source is http://www.dosbox.com/
Avira says the file is free from malware.
I don't know how such digital signature works. Unfortunately I find programming too hard (though useful of course).

User avatar
Fleexy
Tool Smith
Posts: 1370
Joined: Fri Dec 12, 2008 1:21
Location: Abiathar C&C
Contact:

Post by Fleexy » Fri Mar 06, 2015 2:10

Every program that doesn't have an Authenticode signature produces that warning. Authenticode is like HTTPS for applications, making sure a program is indeed what the verified publisher meant to release. (Abiathar's VeriMaps signature mechanism is the same thing, but for Keen:Galaxy levels. And you don't have to pay for a signing certificate - just PM me! </shamelessplug>)

But yeah, not unusual in the least.

User avatar
MoffD
Vorticon Elite
Posts: 1193
Joined: Thu Jul 05, 2012 17:30
Location: /dev/null
Contact:

Post by MoffD » Fri Mar 06, 2015 13:15

Image

*ahem* I have no problems with dosbox for my Windows 7, iirc it has a signature under "DOSBox Team" or something similar.
mortimermcmirestinks wrote: Now I wish MoffD wasn't allergic to me.
Levellass wrote:You're an evil man.
Image

SupFanat
Vortininja
Posts: 210
Joined: Mon Jun 02, 2008 15:00

Incredible abilities of virtual machines

Post by SupFanat » Thu Apr 16, 2015 10:39

Virtual machines allow us to run every malware safely (at least in theory). So, all that an old DOS virus in DosBox can do is crashing the virtual machine or erasing the mounted folder (or at most mounted disk image) but the rest of PC should remain completely intact.

Keening_Product
Kuliwho?
Posts: 2092
Joined: Fri Jan 20, 2012 7:02
Location: Tied up in the Oracle Chamber's basement
Contact:

Post by Keening_Product » Fri Apr 17, 2015 1:05

I wouldn't get too cocky about that - there's every possibility a virus could be made to exploit a security hole in DOSBox, potentially even mount other parts of the filesystem and insert other malware.

All virtual machines that interface with the host system do have the capacity to be infectious.
"Wise words. One day I may even understand what they mean." - Levellass

SupFanat
Vortininja
Posts: 210
Joined: Mon Jun 02, 2008 15:00

Post by SupFanat » Fri Apr 17, 2015 8:11

Keening_Product wrote:I wouldn't get too cocky about that - there's every possibility a virus could be made to exploit a security hole in DOSBox, potentially even mount other parts of the filesystem and insert other malware.

All virtual machines that interface with the host system do have the capacity to be infectious.
I think that old files (before DosBox was invented) can't be that bad. If the files are from CD-ROM which was made before DosBox then it can't be modified since then.

Which virtual machines don't "interface with the host system"? I would prefer such safe virtual machines instead of others. Thank you.

SupFanat
Vortininja
Posts: 210
Joined: Mon Jun 02, 2008 15:00

Post by SupFanat » Fri Apr 24, 2015 6:37

Can the security be improved by using of two things at once - DosBox running under Sandboxie? Maybe DosBox should have a command to deactivate the command MOUNT for the current session so that you'd have to restart DosBox in order to mount further folders?

User avatar
MoffD
Vorticon Elite
Posts: 1193
Joined: Thu Jul 05, 2012 17:30
Location: /dev/null
Contact:

Post by MoffD » Fri Apr 24, 2015 12:26

Intrestingly enough, if you make a batch file that uses dosbox specific commands I believe they work.

Yep! Just tried it on my Linux box with a .bat file that had the line:

Code: Select all

mount b /
and it mounted my system root as B:\ in dosbox

Potentially you could make a batch file that would mount an arbitrary drive letter as your home directory and do such things as deleting your files (keep in mind that it would have whatever permissions the current user has!)

Code: Select all

mount b ~
B:\
del *
mortimermcmirestinks wrote: Now I wish MoffD wasn't allergic to me.
Levellass wrote:You're an evil man.
Image

SupFanat
Vortininja
Posts: 210
Joined: Mon Jun 02, 2008 15:00

Post by SupFanat » Fri Apr 24, 2015 12:49

It's no good thing.

The solution would be implementing new command stopmount.
stopmount would make mounting folders impossible until DosBox is restarted.

SupFanat
Vortininja
Posts: 210
Joined: Mon Jun 02, 2008 15:00

Post by SupFanat » Mon May 25, 2015 14:19

Is there any modified version of DOSBox which doesn't allow the software to mount any folder?

User avatar
MoffD
Vorticon Elite
Posts: 1193
Joined: Thu Jul 05, 2012 17:30
Location: /dev/null
Contact:

Post by MoffD » Mon May 25, 2015 14:49

SupFanat wrote:Is there any modified version of DOSBox which doesn't allow the software to mount any folder?
I am not sure if one exists, it should be possible by modifying the source and compiling your self (Although this would take a lot of effort) Alternatively, if you are seriously worried about this happening, you may consider running everything through a virtual windows 98 or simillar in virtualbox.

I have a 98 install in virtualbox that I can play stuff through (although there's some graphics lagging) Virtualbox only allows access to specific parts of the host system (adjustable in the options) such as the keyboard/mouse which can be grabbed, and internet or various disks but only if you set them up first and allow access yourself

All in all, I don't think you need to worry about it. As long as you don't run random .bat scripts and/or check them first I think you are fine. I am unaware of any actual cases of bat/exe files designed to run in dosbox with malicious intent towards the host system, I was just hypothesizing how this could happen.


EDIT: Just found what (I think) you want!
There's a command line switch for dosbox I found here:
http://www.dosbox.com/wiki/CONFIG
DOSBoxWiki wrote: -securemode
Switches DOSBox to a more secure mode. In this mode the internal commands MOUNT, IMGMOUNT and BOOT won't work. It's not possible either to create a new configfile or languagefile in this mode. (Warning: you can only undo this mode by restarting DOSBox.)
dosbox -secure wrote:~$ dosbox -securemode
Switched to secure mode.
Z:\>mount c /
This operation is not permitted in secure mode.
mortimermcmirestinks wrote: Now I wish MoffD wasn't allergic to me.
Levellass wrote:You're an evil man.
Image

SupFanat
Vortininja
Posts: 210
Joined: Mon Jun 02, 2008 15:00

Post by SupFanat » Mon May 25, 2015 17:28

Thank you for your tip!
.bat scripts can be easily checked but not .exe or .com programs.

Post Reply