DOSBox for Windows doesn't have valid signature
DOSBox for Windows doesn't have valid signature
It's shown as "unknow publisher" in Windows 7.
-
Keening_Product
- Kuliwho?
- Posts: 2167
- Joined: Fri Jan 20, 2012 7:02
- Location: Tied up in the Oracle Chamber's basement
- Contact:
The source is http://www.dosbox.com/Keening_Product wrote:There is a lot of software that prompts that response from Windows. Just so long as you're sure it's from the source you think you're getting it from you should be fine.
Avira says the file is free from malware.
I don't know how such digital signature works. Unfortunately I find programming too hard (though useful of course).
Every program that doesn't have an Authenticode signature produces that warning. Authenticode is like HTTPS for applications, making sure a program is indeed what the verified publisher meant to release. (Abiathar's VeriMaps signature mechanism is the same thing, but for Keen:Galaxy levels. And you don't have to pay for a signing certificate - just PM me! </shamelessplug>)
But yeah, not unusual in the least.
But yeah, not unusual in the least.
Incredible abilities of virtual machines
Virtual machines allow us to run every malware safely (at least in theory). So, all that an old DOS virus in DosBox can do is crashing the virtual machine or erasing the mounted folder (or at most mounted disk image) but the rest of PC should remain completely intact.
-
Keening_Product
- Kuliwho?
- Posts: 2167
- Joined: Fri Jan 20, 2012 7:02
- Location: Tied up in the Oracle Chamber's basement
- Contact:
I wouldn't get too cocky about that - there's every possibility a virus could be made to exploit a security hole in DOSBox, potentially even mount other parts of the filesystem and insert other malware.
All virtual machines that interface with the host system do have the capacity to be infectious.
All virtual machines that interface with the host system do have the capacity to be infectious.
Keening_Product was defeated before the game.
"Wise words. One day I may even understand what they mean." - Levellass
"Wise words. One day I may even understand what they mean." - Levellass
I think that old files (before DosBox was invented) can't be that bad. If the files are from CD-ROM which was made before DosBox then it can't be modified since then.Keening_Product wrote:I wouldn't get too cocky about that - there's every possibility a virus could be made to exploit a security hole in DOSBox, potentially even mount other parts of the filesystem and insert other malware.
All virtual machines that interface with the host system do have the capacity to be infectious.
Which virtual machines don't "interface with the host system"? I would prefer such safe virtual machines instead of others. Thank you.
Intrestingly enough, if you make a batch file that uses dosbox specific commands I believe they work.
Yep! Just tried it on my Linux box with a .bat file that had the line: and it mounted my system root as B:\ in dosbox
Potentially you could make a batch file that would mount an arbitrary drive letter as your home directory and do such things as deleting your files (keep in mind that it would have whatever permissions the current user has!)
Yep! Just tried it on my Linux box with a .bat file that had the line:
Code: Select all
mount b /Potentially you could make a batch file that would mount an arbitrary drive letter as your home directory and do such things as deleting your files (keep in mind that it would have whatever permissions the current user has!)
Code: Select all
mount b ~
B:\
del *
mortimermcmirestinks wrote: Now I wish MoffD wasn't allergic to me.
Levellass wrote:You're an evil man.
I am not sure if one exists, it should be possible by modifying the source and compiling your self (Although this would take a lot of effort) Alternatively, if you are seriously worried about this happening, you may consider running everything through a virtual windows 98 or simillar in virtualbox.SupFanat wrote:Is there any modified version of DOSBox which doesn't allow the software to mount any folder?
I have a 98 install in virtualbox that I can play stuff through (although there's some graphics lagging) Virtualbox only allows access to specific parts of the host system (adjustable in the options) such as the keyboard/mouse which can be grabbed, and internet or various disks but only if you set them up first and allow access yourself
All in all, I don't think you need to worry about it. As long as you don't run random .bat scripts and/or check them first I think you are fine. I am unaware of any actual cases of bat/exe files designed to run in dosbox with malicious intent towards the host system, I was just hypothesizing how this could happen.
EDIT: Just found what (I think) you want!
There's a command line switch for dosbox I found here:
http://www.dosbox.com/wiki/CONFIG
DOSBoxWiki wrote: -securemode
Switches DOSBox to a more secure mode. In this mode the internal commands MOUNT, IMGMOUNT and BOOT won't work. It's not possible either to create a new configfile or languagefile in this mode. (Warning: you can only undo this mode by restarting DOSBox.)
dosbox -secure wrote:~$ dosbox -securemode
Switched to secure mode.
Z:\>mount c /
This operation is not permitted in secure mode.
mortimermcmirestinks wrote: Now I wish MoffD wasn't allergic to me.
Levellass wrote:You're an evil man.