Request for patch removal

L. Rahyen research at science.su
Wed Jan 16 14:32:05 CST 2008


On Wednesday January 16 2008 19:47:03 Stefan Dösinger wrote:
> Am Mittwoch, 16. Januar 2008 19:57:52 schrieb L. Rahyen:
> > 	We really need to fix that bug to allow reliable multiuser setups...
>
> Maybe the proper solution is one wineserver running globally, as a special
> user("wine", "root" or whatever), started at system boot. A global registry
> and dosdevice setup somewhere in /etc/, the fake C drive global, just the
> user.reg in every user's home. The wine instances started by the user
> connect to wineserver then, etc.

	This is probably good way to solve the problem. However it seems to me that 
it will require a lot of effort to implement this properly and reliably.

> However, if we do this, we'll have to care for security. We need
> authentication, secure IPC, secure resource handle access, provide security
> updates, etc. Currently, we do not care much about security, and as a
> consequence, we do not give any code of wine any special privileges, so
> Wine is not a security thread(Other than allowing Viruses to run, but that
> is inherent to its functionality).
>
> But dealing with security requires manpower. We have to implement all this,
> audit the code, etc. Wine is already a huge effort, and we're starving of
> manpower. I think the existing manpower is better spent at improving our
> Windows API implementation instead of diving into security hell. Patches
> are welcome though ;-)

	I agree with you here. In fact this isn't too big problem (at least for me). 
But this bug probably should be solved for version 1.1 (for 1.0 we already 
have a lot of other bugs to fix).



More information about the wine-devel mailing list