Wanted: small C program to drop all capabilities but cap_sys_ptrace
Scott Ritchie
scott at open-vote.org
Wed Sep 29 13:38:09 CDT 2010
On 09/29/2010 07:53 AM, Scott Ritchie wrote:
> On 09/29/2010 07:12 AM, Alexandre Julliard wrote:
>> Scott Ritchie <scott at open-vote.org> writes:
>>
>>> Ubuntu 10.10 is coming out soon, and its new kernel settings prevent
>>> Wine apps from looking at each others' memory. This breaks World of
>>> Warcraft, among other things. See:
>>> http://bugs.winehq.org/show_bug.cgi?id=24193
>>>
>>> What's needed is a very small shim for Wine that can be setuid 0, but
>>> then release all capabilities except what Wine actually needs -- what a
>>> normal user has, and cap_sys_ptrace.
>>
>> I don't think that's a good idea. CAP_SYS_PTRACE allows access to any
>> process, so it's a lot more dangerous than the standard ptrace checks
>> that Ubuntu decided to break. Going back to the default behavior is
>> probably safer than making Wine setuid...
>>
>
> Unfortunately the default behavior can only be set globally, so that
> leaves me with:
>
> 1) make installing the package cause the global change
> 2) the above idea
> 3) do nothing
>
> I'm not sure which is worse, although I know doing nothing breaks a lot
> of apps. The long term solutions are described at the bug however.
>
> It would be rather nice if there were a cap_sys_ptrace that were at
> least restricted to other processes owned by that user...
>
>
Actually there's a 4th option that I hadn't realized: apps can give up
their own ptrace protection. So Wine can do that for all Wine apps.
This should be fairly easy (details at bug report).
More information about the wine-devel
mailing list