[Wine]WinNY and Wine

Thu Jul 14 11:43:09 CDT 2005

Tom,

I truly appreciate your comprehensive explanation, only a fraction of
which I was already aware.  I have been convinced to not use superuser
to login.  However, when I started up kde as a user (after adding the
'echo "exec startkde" > ~/.xinitrc' command), it just hanged on the
splash screen as it was trying to load peripherals.  I believe this is
because I'm unable to access everything that I installed as root, and
I'm not sure how I would gain access to this.

I realize this isn't directly a wine-related problem, but it will be
necessary for me to overcome this before I can attempt to run wine
without logging in as root.

Thanks,
Isaac (I'll stick with my real name ;) )

Tom Cavin wrote:

>Hi Ray (aka Isaac),
>
>The only programs you should ever run as superuser are those that were
>designed to be run by superuser and then only under the conditions for
>which the program was designed.  And even that is questionable practice.
>
>As a general rule, if a user ever has to do anything as root, something is
>wrong.
>
>Yes, this is a "security precaution", but your use of the word "only"
>indicates to me that you might have a limited view of security.
>
>It isn't just Wine that you shouldn't run as root or superuser, it's any
>program.  On any Unix or Linux computer system, a process running with root
>(uid=0), (or in MS-Windows a process running with administrator
>privileges) has unquestioned authority to change the system.
>
>Execution privileges directly affect program functionality, and giving a
>program too many privileges means you may be giving it more than it was
>designed for.
>
>The operating system doesn't care if the command to format the system disk
>came from a command line of a logged in sys-admin who is wiping the disk
>before disposal, or from an email virus automatically executed by Outlook
>Express.  If the process issuing the format command has sufficient
>privileges to wipe the disk ... it's history.
>
>That's an extreme example, but there are many lesser issues that can cause
>more subtle damage.  Programs that are designed to be run by
>non-privileged users may normally probe parts of the file system in order
>to find a place to store temporary files.  This probe can be as simple as
>checking for read permissions, and a failed check causes the program to
>look elsewhere for temporary file space.  A user program may try to store
>information in the current directory, and if it can't write there it will
>switch to a user's home directory.  If you run such a program as superuser,
>the permissions check always succeeds, so you may end up writing files
>anywhere on your system.
>
>in the case of Wine, this is a particularly serious issue.  Wine is
>designed to run programs that were written for a different OS.  Regardless
>of anyone's opinion of the innate reliability of such code, running _any_
>program in Wine is running it in a foreign environment that has different
>rules than the program expects.
>
>As an analogy, consider average drivers in their home country.  They
>generally follow the rules of the road and know which side of the road to
>drive on.  If you take those drivers to another country where the rules are
>different, but you keep them on a restricted test track with no other
>drivers, things can work reasonably well.  If you put those same drivers in
>police cars with the sirens on and the lights flashing, in the middle of a
>densely populated foreign city where they don't know the language or the
>rules of the road, you are likely to have problems.  If you replace those
>foreign human drivers with robots hard-coded to drive on the "wrong" side
>of the street, the odds get even worse.
>
>In my mind, that analogy is very close to what you do when you run Wine as
>superuser.
>
>There is one difference though.  If you do this on your own machine you are
>only likely to hurt yourself.  It might be interesting to see what happens,
>and it could even be a good learning experience.
>
>But please don't do this on any system you (or anyone else) depends on.
>
>Best Wishes,
>
>     --Tom
>
>Isaac Rabicoff writes:
> > Usurp,
> > 
> > I appreciate your response.  If possible, however, I would like for you to
> > go into greater detail as to why I shouldn't run wine as root.  Actually, I
> > always login as a user, then upgrade to super user (I realize this is
> > effectively the same as root).  To my understanding, not running programs as
> > root is only a security precaution and shouldn't affect program
> > functionality.  Am I wrong?
> > 
> > Thanks,
> > - Ray (aka Isaac)
> > 
> > ----- Original Message ----- 
> > From: "Sylvain Petreolle" <spetreolle at yahoo.fr>
> > To: <wine-users at winehq.org>
> > Sent: Wednesday, July 13, 2005 10:10 AM
> > Subject: RE: [Wine]WinNY and Wine
> > 
> > 
> > > Rule #1: dont run wine as root.
> > > --- Isaac Rabicoff <irabicoff at kc.rr.com> a écrit :
> > >
> > > > Hello everyone,
> > > > 
> > > > I'm trying to figure out how to run Winny2b71 with wine-20050111-r1
> > > > on 2005.0 Gentoo Linux with kernel 2.6.11 r11 (I thought the version
> > > > info might be helpful). The result is nothing-- no error message,
> > > > nothing loads, nothing flashes. I have the program installed in
> > > > /root/.wine/Apps/Winny2, and I use the appropriate ' wine "[path]" '
> > > > command to execute the program.
> > >
> > >
> > > Kind regards,
> > >
> > > Usurp (aka Sylvain Petreolle)
> > >
> > > humans are like computers,
> > > yesterday the BIOS was all
> > > - today its just a word
> > > _______________________________________________
> > > wine-users mailing list
> > > wine-users at winehq.org
> > > http://www.winehq.org/mailman/listinfo/wine-users
> > 
> > _______________________________________________
> > wine-users mailing list
> > wine-users at winehq.org
> > http://www.winehq.org/mailman/listinfo/wine-users
>
>_______________________________________________
>wine-users mailing list
>wine-users at winehq.org
>http://www.winehq.org/mailman/listinfo/wine-users
>
>  
>