Security of WINE and ReactOS: was Documents and settings

[Joshua Walker]

The one known as "Steven Edwards" hath scripted:
---------------------------------
The unix security design of users and groups with
permissions is not
bad its just outdated. The nice thing about Unix is
adding new security
modules via PAM is not to bad except they are only for
authentication.
The unix concept of groups, users and permissions
needs to be moved
forward about 20 years. The SELinux stuff has really
helped alot in
this regard. (Please dont flame its the truth)
-----------------------------------

Looking at security from a Unix up to windows through
WINE as opposed to looking down to UNIX from Windows
through WINE, I have do disagree. The UNIX security
system is not really "outdated" just "diffrent". One
of the reasons why it's still around after 20 years is
because it works.

As I have never owned Windows after ME drug it's
carcass across the computing landscape, I don't really
quite grok windws security anyway.  From futzing with
an XP box at work, I don't see any real obvious way of
locking down permissions on files and such. Right
click/properties on a file gives me the same tierd DOS
flags that haven't changed since DOS 3.0 I don't see
anyting that's blocking me from deleting, say,
advapi32.dll with extreame prejudice. If I went into
my /lib dir and tried a rm -fr as a normal user, my
system will kindly tell me to go away and play in my
/home directory.

The question is quite intresting. How does one
"translate" a security philosophy? Do we want to give
WINE the ability to hijack wsock32.dll?
(wsock32.dll.so) This is often done with ISP
proprietary installers, *COUGH*-AOL-*COUGH*, and
various spyware apps.

Has this been considered?