| View previous topic :: View next topic |
| Author |
Message |
Gentree
Watchman
Joined: 01 Jul 2003
Posts: 5350
Location: France, Old Europe
|
 Posted: Sun Nov 20, 2005 9:22 pm Post subject: Ensure proper user rights for Wine |
 |
|
A potentially nasty bug has just been revealed on wine-devel mailing list.
If the user under which Wine is run is a member of disk or wheel groups , winecfg will destroy the MBR!
Since Wine will be running windows software this issue simply underlines the need to make sure that that user is sufficiently well shackled not to do any damage if he get's some malitious code (or a bug in wine).
_________________
Linux, because I'd rather own a free OS than steal one that's not worth paying for.
Gentoo because I'm a masochist
AthlonXP-M on A7N8X. Portage ~x86 |
|
| Back to top |
|
 |
Voltago
Advocate
Joined: 02 Sep 2003
Posts: 2593
Location: userland
|
| Posted: Sun Nov 20, 2005 9:34 pm Post subject: |
|
|
| How can a wheel- and non-disk-user even touch the MBR? |
|
| Back to top |
|
|
Gentree
Watchman
Joined: 01 Jul 2003
Posts: 5350
Location: France, Old Europe
|
| Posted: Sun Nov 20, 2005 9:54 pm Post subject: |
|
|
Dont know , what services does the wheel group provide?
from the wine-devel ML:
| Quote: |
> >> > Le dimanche 20 novembre 2005 à 18:57 +0100, wino@piments.com a
écrit :
> >> > > On Sun, 20 Nov 2005 18:33:53 +0100, Oliver Stieber
> >> > > <oliver_stieber@yahoo.co.uk> wrote:
> >> > >
> >> > > > I've just tried at it appears to have wiped my MBR logged in
as
> >> a normal
> >> > > > User in wheel group.
> >> > > > If this is the problem then I purchsed a new drive because of
it
> >> last
> >> > > > month.
> >> > > > Oliver. |
_________________
Linux, because I'd rather own a free OS than steal one that's not worth paying for.
Gentoo because I'm a masochist
AthlonXP-M on A7N8X. Portage ~x86 |
|
| Back to top |
|
|
Voltago
Advocate
Joined: 02 Sep 2003
Posts: 2593
Location: userland
|
|
| Back to top |
|
|
Da Fox
Guru
Joined: 06 Jul 2005
Posts: 342
|
| Posted: Sun Nov 20, 2005 10:19 pm Post subject: |
|
|
but wouldn't you still need to give in you root password for 'su'?
_________________
"Man fears the darkness, and so he scrapes away at the edges of it with fire."
- Rei Ayanami
JGBE, a Java based GameBoy Emulator |
|
| Back to top |
|
|
PaulBredbury
Watchman
Joined: 14 Jul 2005
Posts: 7310
|
| Posted: Sun Nov 20, 2005 10:22 pm Post subject: |
|
|
Don't run wine as root (pretty obvious), and don't add a user to the "disk" group to give him the ability to destroy the boot sector  |
|
| Back to top |
|
|
|
Networking & Security
