Fwd: Re: Fwd: MBR was destroyed
Jonathan Ernst
jonathan at ernstfamily.ch
Sun Nov 20 14:14:23 CST 2005
Le dimanche 20 novembre 2005 à 21:01 +0100, wino at piments.com a écrit :
> On Sun, 20 Nov 2005 20:26:07 +0100, Jonathan Ernst
> <jonathan at ernstfamily.ch> wrote:
>
> > Le dimanche 20 novembre 2005 à 19:04 +0000, Oliver Stieber a écrit :
> >> --- Jonathan Ernst <jonathan at ernstfamily.ch> wrote:
> >>
> >> > Le dimanche 20 novembre 2005 à 18:57 +0100, wino at piments.com a écrit :
> >> > > On Sun, 20 Nov 2005 18:33:53 +0100, Oliver Stieber
> >> > > <oliver_stieber at yahoo.co.uk> wrote:
> >> > >
> >> > > > I've just tried at it appears to have wiped my MBR logged in as
> >> a normal
> >> > > > User in wheel group.
> >> > > > If this is the problem then I purchsed a new drive because of it
> >> last
> >> > > > month.
> >> > > > Oliver.
> >> > >
> >> > > Can I have your old one ? ;)
> >> > >
> >> > > Apart from fixing this ugly bug , it looks like something more
> >> precise
> >> > > than "dont run as root" is needed before inviting the click-and-go
> >> windows
> >> > > crowd to join the party.
> >> >
> >> > brw-rw---- 1 root disk 8, 0 nov 20 17:23 /dev/hda
> >> >
> >> > If you are not part of the disk group and you are not running as root,
> >> > this cannot happen. There might be a bug in Wine, but the most
> >> important
> >> > error is people having incorrect rights set or having too much rights.
> >> >
> >> I was part of the disk group when my MBR was overwritten because I'd
> >> been doing some work on the
> >> drives and don't like sudo. Isn't it still a bug in wine that the MBR
> >> was overwritten in the first
> >> place, even if I'm in the disks group or running as root?
> >
> > Yes of course that's a bug in Wine. But what I meant is that the
> > security model of Linux if correctly applied (i.e. people don't have
> > rights to make things they are not supposed to do) would prevent such
> > things to happen.
> >
>
> So is the conclusion that users need to set up a special new user with
> super restrictive rights to protect the system from bugs in wine?! My
> confidence in wine has just taken a knock.
>
> Up until now I have not seen anything that says a wine user should not
> have access to any other services.
>
> Setting up a tightly restricted user soley to run wine is what I do in any
> case since I am installing windows software and this often necessitates
> installing IE and other horrors.
>
> Maybe this should become an official recommendation.
>
>
> If it is not sufficient to just "not run wine as root" then this should go
> down as a documentation bug as well.
I think I still didn't make myself clear. Yes there is (I guess) a bad
bug in Wine. But: giving normal users a right to write to /dev/hd? is
very dangerous and should be avoided.
Why would a normal user need a write access to /dev/hd? ?
Wine can have bugs, any other application could have bugs that made them
try to write things to /dev/hd?. You could get some virus or whatever
that execute with you user's right and you really don't want it to wipe
out your hdd, do you ?
Regards,
Jonathan
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://www.winehq.org/pipermail/wine-devel/attachments/20051120/62880f71/attachment-0001.pgp
More information about the wine-devel
mailing list