wineserver: Added support for read/only Registry, similar to unprivileged users (try 2)
paulc at voip.null.ro
Mon Nov 30 09:16:34 CST 2009
On Monday 30 November 2009 04:02:03 pm you wrote:
> Paul Chitescu <paulc at voip.null.ro> writes:
> > Changelog:
> > wineserver: Added support for read/only Registry, similar to
> > unprivileged users
> > Rationale:
> > This is a first step towards implementing shared wine prefixes
> > most users being unprivileged and a single Administrator (power user,
> > capable of installing programs.
> I don't think it's a step in the right direction. What you need is
> proper access control with security descriptors, like we have for other
> objects. A single read-only bit cannot be extended to support this.
> Alexandre Julliard
> julliard at winehq.org
In the filesystem we use as backend for Registry all we can tell is if we can
write to it or not so in the end one bit is all that's relevant (except if
it's completely unreadable when wine should abort).
No matter what an user does it cannot change that. We don't want a wine
service running as root trying to replicate Windows access rights on the
native system, do we?
ACLs would require at least some mapping between wine users and native system
users. And anyway, even SYSTEM or NT AUTHORITY would be unable to write to
Registry if it's read only so that one bit should suffice.
More information about the wine-devel