Fwd: Re: Fwd: MBR was destroyed

Jonathan Ernst jonathan at ernstfamily.ch
Sun Nov 20 14:14:23 CST 2005


Le dimanche 20 novembre 2005 à 21:01 +0100, wino at piments.com a écrit :
> On Sun, 20 Nov 2005 20:26:07 +0100, Jonathan Ernst  
> <jonathan at ernstfamily.ch> wrote:
> 
> > Le dimanche 20 novembre 2005 à 19:04 +0000, Oliver Stieber a écrit :
> >> --- Jonathan Ernst <jonathan at ernstfamily.ch> wrote:
> >>
> >> > Le dimanche 20 novembre 2005 à 18:57 +0100, wino at piments.com a écrit :
> >> > > On Sun, 20 Nov 2005 18:33:53 +0100, Oliver Stieber
> >> > > <oliver_stieber at yahoo.co.uk> wrote:
> >> > >
> >> > > >  I've just tried at it appears to have wiped my MBR logged in as  
> >> a normal
> >> > > > User in wheel group.
> >> > > > If this is the problem then I purchsed a new drive because of it  
> >> last
> >> > > > month.
> >> > > > Oliver.
> >> > >
> >> > > Can I have your old one ? ;)
> >> > >
> >> > > Apart from fixing this ugly bug , it looks like something more  
> >> precise
> >> > > than "dont run as root" is needed before inviting the click-and-go  
> >> windows
> >> > > crowd to join the party.
> >> >
> >> > brw-rw----  1 root disk 8, 0 nov 20 17:23 /dev/hda
> >> >
> >> > If you are not part of the disk group and you are not running as root,
> >> > this cannot happen. There might be a bug in Wine, but the most  
> >> important
> >> > error is people having incorrect rights set or having too much rights.
> >> >
> >> I was part of the disk group when my MBR was overwritten because I'd  
> >> been doing some work on the
> >> drives and don't like sudo. Isn't it still a bug in wine that the MBR  
> >> was overwritten in the first
> >> place, even if I'm in the disks group or running as root?
> >
> > Yes of course that's a bug in Wine. But what I meant is that the
> > security model of Linux if correctly applied (i.e. people don't have
> > rights to make things they are not supposed to do) would prevent such
> > things to happen.
> >
> 
> So is the conclusion that users need to set up a special new user with  
> super restrictive rights to protect the system from bugs in wine?! My  
> confidence in wine has just taken a knock.
> 
> Up until now I have not seen anything that says a wine user should not  
> have access to any other services.
> 
> Setting up a tightly restricted user soley to run wine is what I do in any  
> case since I am installing windows software and this often necessitates  
> installing IE and other horrors.
> 
> Maybe this should become an official recommendation.
> 
> 
> If it is not sufficient to just "not run wine as root" then this should go  
> down as a documentation bug as well.

I think I still didn't make myself clear. Yes there is (I guess) a bad
bug in Wine. But: giving normal users a right to write to /dev/hd? is
very dangerous and should be avoided.

Why would a normal user need a write access to /dev/hd? ?

Wine can have bugs, any other application could have bugs that made them
try to write things to /dev/hd?. You could get some virus or whatever
that execute with you user's right and you really don't want it to wipe
out your hdd, do you ?

Regards,
Jonathan

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://www.winehq.org/pipermail/wine-devel/attachments/20051120/62880f71/attachment-0001.pgp


More information about the wine-devel mailing list