http://bugs.winehq.org/show_bug.cgi?id=20578
Summary: Debian/Ubuntu packages do not follow proper format for /etc/sysctl.d Product: Wine Version: unspecified Platform: PC OS/Version: Linux Status: UNCONFIRMED Severity: normal Priority: P2 Component: -unknown AssignedTo: wine-bugs@winehq.org ReportedBy: at@drinian.org
After reading about the recent security hole in the Linux kernel (cf. http://linux.slashdot.org/story/09/11/04/0320254/), I decided to add a new script to /etc/sysctl.d/ to set vm.mmap_min_addr to a non-zero value even though I have Wine installed.
Problem is, the Wine package installs a file, /etc/sysctl.d/wine.sysctl.conf, that does not have a numerical prefix in its file name. It will always execute after all other files in the directory that have values like 10-*.conf, 30-*.conf, etc. This is explained in the file /etc/sysctl.d/README.
So, to make my new reset script run after Wine's script, I have to name it something like zz.wine-undo.sysctl.conf.
Package maintainer should probably at minimum rename the file, if not find a way to encourage users to make this security-lowering decision on their own rather than making it the default. (Maybe a warning message from wine when vm.mmap_min_addr is not zero?)