Why not integrate this functionality into wineboot? That way if a user wants to completely deny the start-up folder they can just not add wineboot to the list of programs to be started on login, but if they want that functionality they can simply add wineboot to the list of programs for start up when they login? It would allow similar functionality to windows whilst still keeping it a separate system.
<br><br><div><span class="gmail_quote">On 2/10/07, <b class="gmail_sendername"><a href="mailto:richardvoigt@gmail.com">richardvoigt@gmail.com</a></b> <<a href="mailto:richardvoigt@gmail.com">richardvoigt@gmail.com</a>> wrote:
</span><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">On 2/10/07, David Lichterman <<a href="mailto:laviddichterman@gmail.com">laviddichterman@gmail.com
</a>> wrote:<br>> Stefan D�singer wrote:<br>> > Am Samstag 10 Februar 2007 05:20 schrieb Vitaliy Margolen:<br>> >> Misha Koshelev wrote:<br>> >>> Hi,<br>> >>><br>> >>> As you all may have noticed, I have been making quite a few patches
<br>> >>> within the last two weeks (or at least quite a few when compared to zero<br>> >>> before then) because I had figured out that the Vector NTI program that<br>> >>> is quite important in molecular biologThis patch makes sure that wine
<br>> >>> will start items in the StartUp folder<br>> >> IMHO this should not be fixed.<br>> >><br>> >> I've seen lots and lots of malicious programs using this mechanism to<br>> >> start themselves. And even worse if installer uses this to restart
<br>> >> itself. That means this installer might not work most of the time on<br>> >> windows.<br>> > Malicious programs can also write themselves to<br>> > HKLM/Software/Microsoft/Windows/Run, a key that wineboot reads. So I do not
<br>> > see any advantage in implementing the Run key, but not the autostart folder.<br>> ><br>> ><br>> > ------------------------------------------------------------------------<br>> ><br>> >
<br>> I second that opinion. I do computer tech support (ie getting viruses<br>> and spy/malware off of windows) at my university and if there's a case<br>> for not implementing one of those two run at boot features, disabling
<br>> the Run key would be the stronger since most, if not all malicious<br>> programs now use the run registry location as opposed to the Startup folder.<br>><br>> It really comes down to the amount of power a user should have. Maybe
<br>> require a gksu whenever an app tries to write something to that folder<br>> or that registry location?<br><br>What a gksu?<br><br>How about prompting the user during startup?<br><br>e.g., "Start <title> using command line <program + args>? Yes/No ([x]
<br>Don't ask again"<br>Don't ask again items could either be stored as hash codes in a<br>configuration file outside the wine filesystem, or else by deleting<br>command/moving to a usual Unixy autostart location.
<br><br>This should be done for all startup programs, whether start menu or registry.<br><br>It would be the best of both worlds, it works as expected for the user<br>without requiring them to give up control of their system.
<br><br>There could even be a winecfg option whether to prompt the user,<br>silently allow, automatically+loudly deny, or silently deny.<br><br><br></blockquote></div><br>