Wine on OLPC
Benjamin M. Schwartz
bmschwar at fas.harvard.edu
Fri Apr 11 23:54:44 CDT 2008
James Hawkins wrote:
| On Fri, Apr 11, 2008 at 7:45 PM, Benjamin M. Schwartz
|> Then how about a patch that specifically prevents users from running wine
|> as root over a profile that is not owned by root? I am trying to run wine
|> as a non-root user over a profile owned by another non-root user that has
|> been chmod'ed appropriately.
|>
|
| Running as root was just a specific example. The second case isn't
| allowed either.
|
I appear to have hit a nerve here; "isn't allowed" is surprisingly strong
language for an open source software project.

I'm particularly surprised because I cannot imagine any reasonable
scenario in which allowing non-root users to run in .wine/ directories
that they do not own is a security risk. There is no privilege escalation
here; the non-root user is still required by the kernel to operate within
the bounds of posix permissions.

I need the ability to run in profiles as a user who is not the "owner" of
the files on disk. I am doing this quite specifically because, in my
case, this greatly _increases_ the security of the system. In fact, it
allows complete sandboxing of each Wine instance, isolating it from the
rest of the system by kernel-level mechanisms.

I would prefer not to maintain a patched fork of Wine just to get this
trivial feature. That doesn't benefit anyone. I'm sure we can find a way
to provide this ability without compromising the security of users in the
general case.

--Ben