Security of WINE and ReactOS: was Documents and settings

Steven Edwards steven_ed4153 at yahoo.com
Sat Apr 17 13:10:33 CDT 2004


Hello Alex,

I am going to drag this semi-off topic for a bit while I plant some
ideas in people heads.

--- Aleksey Bragin <aleksey at studiocerebral.com> wrote:
> If ROS will support (and I bet it will!) NT 4.0 security model (or,
> better,
> Win2k then) it would be just great!
> Certainly people with deeper knowledge of this security model +
> knowledge of
> unix and also linux implementation model can specify the differences,
> and
> what's missing in them.

Note I only know a little about the Local Securty Authority but I think
its not going to be to hard to implement if Wine and ReactOS work
together on it. /me just doubts how much he can write.

The unix security design of users and groups with permissions is not
bad its just outdated. The nice thing about Unix is adding new security
modules via PAM is not to bad except they are only for authentication.
The unix concept of groups, users and permissions needs to be moved
forward about 20 years. The SELinux stuff has really helped alot in
this regard. (Please dont flame its the truth)

I recently addressed this in a discussion about ReactOS. Currently our
lsass does not exist. I think we have what we have parts of the
security reference monitor already implemented in ntoskrnl and most of
the parts are there for winlogon and the SAM database so we need to
develop the lsass services and build out the authentaticaion modules
for MSV1_0 auth.

One of the nice things about the design of the Windows security module
is that we can make plugins at both ends so that users can be granted
access either based on a "domain" concept in winlogin/Gina using
plugins for LDAP and PAM or via the lsass so users can be authencated
locally. 

It would be nice if we could work with the Winehq people on this as I
think we can share the parts of the security subsystem that reside in
lsass. Think of it like this

(Kernel support)

wineserver/ntosknrl need to both implement the security refernce
montior for privlaged use of the local system resources. I dont know
how much of this wineserver really needs to take in to account in the
initial incarnation. 

(Local security subsystem)

Lsass works interactivly with services and the login system and can
accept all sorts of nice plugins so we are not limited to just the
standard Windows authentication. As a matter of fact you could replace
large parts of they authentication system if you are supper paronoid.
Think of lsass as the sentry for Windows. It talks to the SRM to make
sure you are not doing anything you shouldnt be.

(User interaction)
Interaction with the user will come from Winlogon on ReactOS or on Unix
the user should already be authenticated via Linux security. This can
of course be done via the authentication modules described above. Once
the user

I wish I could attach the nice chart from Inside Windows NT so you
could see the security subsystem. Its quite a piece of work and is
quite a shame Windows security gets a bad name due to slack
administrators.

Thanks
Steven



	
		
__________________________________
Do you Yahoo!?
Yahoo! Tax Center - File online by April 15th
http://taxes.yahoo.com/filing.html



More information about the wine-devel mailing list