Risks/Disadvantages associated with Wine

Solution 1:

Wine is just a compatibility layer, programs run in it have the same privileges as the logged in user.

From their FAQ:

7.5. How good is Wine at sandboxing Windows apps?

Wine does not sandbox in any way at all. When run under Wine, a Windows app can do anything your user can. Wine does not (and cannot) stop a Windows app directly making native syscalls, messing with your files, altering your startup scripts, or doing other nasty things.

Also read 7.4, especially:

  1. Never run executables from sites you don't trust. Infections have already happened.

Wine has to possibility to share your documents (or even your home directory or /) with the application. Even if programs are not malicious, it could still put junk on your system, like desktop.ini (controls the view of folders in Explorer).

Solution 2:

Viruses that are run in wine will generally stay within the C drive which wine creates, however, they can still cause harm to your system through startup entries and other method used by malware. However, they generally will not affect specifically Linux portions of your computer. This does not mean that it is impossible. A virus can be made specifically for wine to infect unprotected Linux binaries or attempt to escalate privileges on your system.

Solution 3:

While looking for security implications running Wine I encountered following analysis. I believe, it will serve all users interested in this topic.

Analysis from 2018 (emphasis by me):

Malware family File system Registry Processes Network Services success Overall success
Narilam True True True N/A N/A True
Hikit False False False False False False
Stabuniq N/A N/A False False False False
Drixed False False False False False False
Batch Wiper False True False N/A N/A Partially
Dialer False False True N/A N/A False
MyDoom False False True False False False
Minamps True False True True False Partially
PlugX, Korplug False False True False N/A False
Wykcores True True True True True True
Didrex False False False False False False
Dozmot False N/A False N/A N/A False
Potao False N/A True N/A N/A False
Gamarue False True False False N/A Partially
TDL/Alureon False N/A False False N/A False
SC-KeyLog True True True True N/A True
Wirenet True N/A True True N/A True
CoreBot False False False False N/A False
Kawpfuni True False True N/A N/A Partially
Skypii False N/A False N/A N/A False
4DW4R3 True N/A True False N/A Partially
LokiBot False False False N/A N/A False
Nitol True True True True True True
Nivdort False False False False False False
Unknown1 False False True N/A N/A False
Unknown2 False False False N/A N/A False
Unknown3 False False False False N/A False
Unknown4 True False False False N/A Partially
Unknown5 False False False False False False

CONCLUSIONS

The research conducted in this study produced a series of results that can be used to develop an understanding of the behavior of Windows malware running in Linux via Wine. Results indicate that Windows malware is able to run successfully in a Linux environment through Wine. The success rates of Windows malware running in a Linux environment does appear to be relatively low. The fact that some samples of malware did run successfully illustrates that using the compatibility layer software Wine in a Linux environment does present a security risk to Linux systems, which would otherwise be secure against Windows malware. No relationships could be established between any types of malware or behavior of malware and the malware running successfully in the Linux environment; relationships between the services started in Windows and Network started in Windows independent variables may be investigated via future research and an increased sample size.

The findings suggest that samples which use particular API calls are less likely to run successfully. The OpenServiceA and OpenServiceW functions were never called in Zero Wine suggesting that using these calls can cause compatibility issues with Wine. Another possible reason for this could be that the services being opened are not available through Wine.

Source: https://link.springer.com/article/10.1007/s11416-018-0319-9