https://bugs.winehq.org/show_bug.cgi?id=48889
--- Comment #9 from Luca Boccassi luca.boccassi@gmail.com --- (In reply to oiaohm from comment #8)
(In reply to Luca Boccassi from comment #7)
(In reply to Olivier F. R. Dierick from comment #6)
Hello,
Silently default to disable, otherwise we'll get heap of people complaining that it ask a question about something they don't need.
People that need it will look for a way to fix their application and will find the instructions in the wiki/appdb/howto, or we'll tell them on the forums/bugzilla where to find them.
Regards.
Ok, I'll send an updated patch in the next couple of days.
Really the current patch needs to be junked its simple wrong. The work around people are doing to run games is also major security wrong.
Thanks for the (unprompted) lecture on cap_net_raw, but we know how it works and what it does. The entire point of wine is to run untrusted, third-party, proprietary and closed-source binaries. If you have confidentiality requirements on a machine and you choose to install it, I'm afraid you already lost. For some users, like yourself, adding net_raw might be a step too far - then you are of course free not to enable it. I'm fine with having it off by default, that's not a concern really. It can even be a low priority debconf option, so nobody will see it unless they go look for it. Other users for whom the distinction is perfectly meaningless can instead choose to enable it and have working applications.
For some software it's worth going to extra steps and spend extra time to drop what's not needed at runtime, and much more. But let's face it, it's really not the case here: this is about being able to occasionally run a couple of games, not production-critical workloads.