Request for patch removal

Stefan Dösinger stefandoesinger at gmx.at
Wed Jan 16 13:47:03 CST 2008 

Am Mittwoch, 16. Januar 2008 19:57:52 schrieb L. Rahyen:
> 	We really need to fix that bug to allow reliable multiuser setups...
Maybe the proper solution is one wineserver running globally, as a special 
user("wine", "root" or whatever), started at system boot. A global registry 
and dosdevice setup somewhere in /etc/, the fake C drive global, just the 
user.reg in every user's home. The wine instances started by the user connect 
to wineserver then, etc.

However, if we do this, we'll have to care for security. We need 
authentication, secure IPC, secure resource handle access, provide security 
updates, etc. Currently, we do not care much about security, and as a 
consequence, we do not give any code of wine any special privileges, so Wine 
is not a security thread(Other than allowing Viruses to run, but that is 
inherent to its functionality).

But dealing with security requires manpower. We have to implement all this, 
audit the code, etc. Wine is already a huge effort, and we're starving of 
manpower. I think the existing manpower is better spent at improving our 
Windows API implementation instead of diving into security hell. Patches are 
welcome though ;-)

*** snip ***

I once used the following setup:

*) A shared C drive(/opt/windows), owned by a special user wine
*) A shared ~/.wine in /etc/wine, owned by user wine.
*) A private ~/.wine in each user's home
*) dosdevices, system.reg and userdef.reg symlinked from /etc/wine to ~/.wine
*) A private user.reg for each user
*) C:\windows\profiles\($USER) symlinked to a folder in the user's home

The shared files(/opt/windows, /etc/wine) were read-only for everyone except 
wine. This way, each user had his own HKEY_CURRENT_USER, and I shared 
HKEY_LOCAL_MACHINE and the application installation directory among all 
users. HKEY_LOCAL_MACHINE was even write protected for all but by 
administrator wine user. Every user could modify it, but wineserver would 
fail to write the changes to system.reg, so the changes weren't persistent. 
No overwriting of registry files across accounts was possible because the 
shared files were write protected, and user.reg was private for each user.

For well-behaved apps this worked like a charm. Each user could safe his own 
preferences and was protected against accidentally messing up the 
installation. However, I eventually dropped that setup because it was a pain 
with games and many other apps, and I am in fact using my machines alone, so 
a multiuser setup was pointless. The catch compared to real multiuser support 
was that Windows processes belonging to different users could not see each 
other, and no IPC was possible across users. Furthermore the initial setting 
was tricky.

More information about the wine-devel mailing list