I was just wondering what would happen if I downloaded a game that was infected by a computer virus and ran it in Linux using Proton.

Has this happened to anyone? How would the virus behave? What files, connections or devices would it have access to? Could it be as damaging as running in in Windows?

  • tal@lemmy.today
    link
    fedilink
    English
    arrow-up
    0
    ·
    edit-2
    5 months ago

    I was just wondering what would happen if I downloaded a game that was infected by a computer virus and ran it in Linux using Proton.

    Depends on the mechanism. Some viruses will target stuff that WINE doesn’t emulate – like, if it tries to fiddle with Windows system files, it’s just not going to work. But, sure, a Windows executable could look for and infect other Widows executables.

    Has this happened to anyone?

    I don’t know specifically about viruses or on Proton. But there has been Windows malware that works under WINE. Certainly it’s technically possible.

    How would the virus behave?

    Depends entirely on the virus in question. Can’t give a generic answer to that.

    What files, connections or devices would it have access to?

    WINE itself doesn’t isolate things (which probably is reasonable, given that it’s a huge, often-changing system and not the best place to enforce security restrictions). On a typical Linux box, anything that you, as a user, would, since Linux user-level restrictions would be the main place where security restrictions would come into play.

    I do think that there’s a not-unreasonable argument that Valve should default to having games – not just Proton stuff – run in some kind of isolation by default. Basically, games generally are gonna need 3d access, and some are gonna need access to specialized input devices. But Steam games mostly don’t need general access to your system. But as things stand, Steam doesn’t do any kind of isolation either.

    You can isolate Steam as a whole – you can look at installing Steam via flatpak, for one popular option. I don’t use flatpaks, so I’m not terribly familiar with the system, but I understand that those isolate the filesystem that Steam and its games have access to. That being said, it doesn’t isolate games from each other, or from Steam (e.g. I can imagine a Steam-credentials-stealing piece of malware making it into the Steam Workshop). On the other hand, I’m not totally sure how much I’d trust Valve to do a solid job of having the Steam API be really hardened against a malicious game anyway – that’s not easy – so maybe isolating Steam too is a good idea.

    Could it be as damaging as running in in Windows?

    Sure. If it’s not Linux-aware, it probably isn’t going to do anything worse than deleting all the files that your user has access to, but in general, that’d be about as bad anyway. If it is Linux-aware, it could probably do something like intercept your password next time you invoke sudo, then make use of it to act as root and do anything.

    • Cyborganism@lemmy.caOP
      link
      fedilink
      English
      arrow-up
      0
      ·
      5 months ago

      Ah see I didn’t think of the flatpak aspect. But if you download a game from some shady source and want to run it via flatpak Steam, how would you go about it?

      I only use Steam as a regular deb install.

      • dillekant@slrpnk.net
        link
        fedilink
        English
        arrow-up
        0
        ·
        5 months ago

        If you don’t use steam because it’s a shady source, I guess Bottles would be your go-to. I think parent is talking about if you bought a game off steam.

        • Cyborganism@lemmy.caOP
          link
          fedilink
          English
          arrow-up
          0
          ·
          5 months ago

          No no, I mean if someone downloads an infected pirated game from some shady website. I consider Steam to be very secure.

          • dillekant@slrpnk.net
            link
            fedilink
            English
            arrow-up
            0
            ·
            5 months ago

            In that case Steam flatpak isn’t really what you want. You probably want to use Bottles, which creates a flatpak-like sandbox. This is not a guarantee or anything, but does give you some protection (at least, better than running it on Windows I guess).