[Wine] Re: Alexandre says "let the newbies run as root"

oiaohm wineforum-user at winehq.org
Thu Mar 27 05:02:27 CDT 2008


Windows one on the download page should be deleted.  Reason its out of date. and its only a dll testing system not a full version of wine.  Gives me too many bad questions in winehq on freenode.  It gives too many people the wrong end of stick.

Solaris I can talk on it has another way http://blogs.sun.com/casper/entry/solaris_privileges No root required there.  What is needed for wine can be give threw the default security system even better on a per process base.  Root user there has been past for many years.

http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/jails-tuning.html
Freebsd found 1 really two this covers PC-BSD as well.  But pure default root is not where wine should be running instead in a Freebsd jail preventing system wide harm.

Note Since OS X is freebsd related it might be the same.  Still no reason to be running as pure uncontrolled root if it has the FreeBSD system.  Some one with OS X skill need to research this.

Problem still is that users are going to use it wrong.    Not read the Security of the OS and put the complete OS at risk.

So Linux and Solaris builds root should be just baned out right.   Systems have a correct way around it.   

Note trustedBSD has close to the same as Linux posix capabilities main freeBSD Line decided not to merge that at this stage but keep the jail system.

Most new FreeBSD would lack the skill to create a jail correctly to reduce wine to the same as a Linux capability boost.

Some how a generic security raising setup is needed.

Solarias, trustedBSD and Linux due to there permission system could be dynamic on a application by application base without major complexity. wine like sudo interface could even be used allowing admin to limit what users can even use the enhanced features.  Since the user will be returned to there normal user with normal user filesystem access just with more network access.

Freebsd with jails will be messy.

Now if OS X only has old chroots we have a problem.   If that is the case OS X users should be yelling a apple to lift there game one way or another.

Really we should not be light about this.  Would have though in this day in age on a BSD Linux *nix OS these kind of limitations would be standard.

Ok as it turns out FreeBSD and Linux have gone two different ways to get there.   There is still no valid reason to leave most of the install base using the wrong thing for there system.

I was hoping that people would at least have responsibility to research the other systems.  Not just try to create a vague list of reasons.  Linux is my most common system.   There might even be a better way on freebsd.







More information about the wine-users mailing list