Wine on OLPC

Benjamin M. Schwartz bmschwar at fas.harvard.edu
Fri Apr 11 23:54:44 CDT 2008


James Hawkins wrote:
| On Fri, Apr 11, 2008 at 7:45 PM, Benjamin M. Schwartz
|>  Then how about a patch that specifically prevents users from running wine
|>  as root over a profile that is not owned by root? I am trying to run wine
|>  as a non-root user over a profile owned by another non-root user that has
|>  been chmod'ed appropriately.
|>
|
| Running as root was just a specific example.  The second case isn't
| allowed either.
|
I appear to have hit a nerve here; "isn't allowed" is surprisingly strong
language for an open source software project.

I'm particularly surprised because I cannot imagine any reasonable
scenario in which allowing non-root users to run in .wine/ directories
that they do not own is a security risk.  There is no privilege escalation
here; the non-root user is still required by the kernel to operate within
the bounds of posix permissions.

I need the ability to run in profiles as a user who is not the "owner" of
the files on disk.  I am doing this quite specifically because, in my
case, this greatly _increases_ the security of the system.  In fact, it
allows complete sandboxing of each Wine instance, isolating it from the
rest of the system by kernel-level mechanisms.

I would prefer not to maintain a patched fork of Wine just to get this
trivial feature.  That doesn't benefit anyone.  I'm sure we can find a way
to provide this ability without compromising the security of users in the
general case.

--Ben



More information about the wine-devel mailing list