ntdll: add a warning about running wine as root (resend)

Ben Klein shacklein at gmail.com
Tue Feb 10 23:51:50 CST 2009


2009/2/11 Vitaliy Margolen <wine-devel at kievinfo.com>:
> Ben Klein wrote:
>> This is not a problem with Wine, this is OpenSUSE breaking the
>> environment when sudo is called. Remember, Wine is not the only X11
>> app out there. Others will need $DISPLAY working!
> This is something called security....

This is something called "nothing we have to worry about or address".
It's not *expected* to work this way on your default OpenSUSE
configuration.

Note that security always comes at the cost of convenience.

2009/2/11 Vincent Povirk <madewokherd+8cd9 at gmail.com>:
>> To abstract what you're saying here, you're suggesting to extend the
>> wineprefix ownership test to include $HOME when $WINEPREFIX is not set
>> and $HOME/.wine does not exist?
>>
>> That doesn't sound like a bad idea to me. But I'm not so sure about
>> specifically testing on UID=0 or SUDO_USER.
> This specifically covers the one case that is broken for people who
> maybe can't be expected to know any better: running wine for the first
> time using sudo on ubuntu. I don't know why else $HOME would not be
> owned by you, but I've been assuming we want Wine to function in those
> cases (otherwise, we'd have added this test when we added the original
> ownership test, right?).
>
> If a user's home directory will always be owned by the user in a
> working Unix-like configuration, there's no need to test uid or
> SUDO_USER.

Um ... not sure what you mean here, but the problem comes when $HOME
is not owned by $USER due to sudo. The default configuration of sudo
on most distros is to use the calling user's $HOME.

Vitaliy has demonstrated that this is not true for OpenSUSE, but as it
has been discussed, OpenSUSE doesn't do anything unexpected as a
result. (It's effectively the same as doing "su - -c wine" whatever.)

My point is that enforcing the test only on UID is not a particularly
neat way to do it, because you'd get the same permissions problems if
"sudo -u otheruser" is used. Also, that the default wineprefix is in
$HOME, which does not and should not involve a lookup in /etc/passwd
for the home directory of the user indicated in $USER (or $SUDO_USER),
since this has already been done when setting up the environment.

So Wine really doesn't need to do special things with $SUDO_USER.
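
The extended ownership test discussed in this thread, as an added C sketch (not part of the original message and not Wine's own code). The names `check_prefix_owner`, `dir_owner` and the `owner_check` enum are hypothetical; the check compares directory ownership with the process uid only, so it behaves the same under "sudo" and "sudo -u otheruser" and never consults $SUDO_USER or /etc/passwd.

```c
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>

enum owner_check { OWNER_OK, OWNER_MISMATCH, OWNER_SKIPPED };

/* Compare the owner of an existing directory with uid. */
static enum owner_check dir_owner(const char *dir, uid_t uid)
{
    struct stat st;
    if (stat(dir, &st) == -1 || !S_ISDIR(st.st_mode)) return OWNER_SKIPPED;
    return st.st_uid == uid ? OWNER_OK : OWNER_MISMATCH;
}

/* wineprefix and home are the values of $WINEPREFIX and $HOME (NULL if unset). */
enum owner_check check_prefix_owner(const char *wineprefix, const char *home, uid_t uid)
{
    char def[4096];
    struct stat st;

    if (wineprefix)                 /* explicit prefix: tested only if it exists */
        return dir_owner(wineprefix, uid);
    if (!home) return OWNER_SKIPPED;
    if (snprintf(def, sizeof(def), "%s/.wine", home) >= (int)sizeof(def))
        return OWNER_SKIPPED;       /* path too long to build */
    if (stat(def, &st) == 0)        /* default prefix already exists */
        return dir_owner(def, uid);
    /* First run: ~/.wine would be created inside $HOME, so test $HOME itself. */
    return dir_owner(home, uid);
}

int main(void)
{
    switch (check_prefix_owner(getenv("WINEPREFIX"), getenv("HOME"), getuid()))
    {
    case OWNER_MISMATCH:
        fprintf(stderr, "prefix (or $HOME) is not owned by uid %lu\n",
                (unsigned long)getuid());
        return 1;
    case OWNER_OK:      puts("ownership ok"); break;
    case OWNER_SKIPPED: puts("nothing to test"); break;
    }
    return 0;
}
```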


