direct access to IO space [Was: kernel level drivers - next try]
kuba at mareimbrium.org
Tue Oct 17 14:21:48 CDT 2006
> > Yes for the last statement, but extraordinary user's mileage may vary.
> > It can choose between (a) running wine as root and (b) running
> > LIDS-patched kernel  plus this command:
> > # lidsadm -A -s /path/to/some_wine_binary_piece -o CAP_SYS_RAWIO -j
> > GRANT
> Couldn't you also unmap the I/O ports memory and catch segmentation
> faults referring to that area, then reroute them through some system
> service running as root? It's safer than running wine as root.
All that one needs is a small setuid-root wrapper that grants needed ioperms
and then folds back to regular user and execs wine.
More information about the wine-devel