Request for patch removal

Kai Blin kai.blin at
Wed Jan 16 16:17:44 CST 2008

On Wednesday 16 January 2008 20:47:03 Stefan Dösinger wrote:
> Am Mittwoch, 16. Januar 2008 19:57:52 schrieb L. Rahyen:
> > 	We really need to fix that bug to allow reliable multiuser setups...
> Maybe the proper solution is one wineserver running globally, as a special
> user("wine", "root" or whatever), started at system boot.

+1 :)

> However, if we do this, we'll have to care for security. We need
> authentication, secure IPC, secure resource handle access, provide security
> updates, etc. Currently, we do not care much about security, and as a
> consequence, we do not give any code of wine any special privileges, so
> Wine is not a security thread(Other than allowing Viruses to run, but that
> is inherent to its functionality).

We can probably do this similar to Windows. IIRC you get a token at log-in 
time to identify yourself with. I think running as a special user is 
sufficient, I doubt running as root is necessary.

I figure once Wine 1.0 is out, we'll have to provide security updates anyway.

> But dealing with security requires manpower. We have to implement all this,
> audit the code, etc. Wine is already a huge effort, and we're starving of
> manpower. I think the existing manpower is better spent at improving our
> Windows API implementation instead of diving into security hell. Patches
> are welcome though ;-)

+100 ;)


Kai Blin
WorldForge developer
Wine developer
Samba team member
Will code for cotton.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part.
Url : 

More information about the wine-devel mailing list