http://bugs.winehq.org/show_bug.cgi?id=17337
Summary: Prevent running as root Product: Wine Version: 1.1.14 Platform: PC URL: http://www.winehq.org/pipermail/wine-devel/2009- February/072843.html OS/Version: Linux Status: NEW Keywords: download, source Severity: enhancement Priority: P2 Component: -unknown AssignedTo: wine-bugs@winehq.org ReportedBy: austinenglish@gmail.com
Been tried a few times, need to make it harder to run as root, but not disabled. Alexandre proposed: No, warning message boxes are just as useless, users have been conditioned by MS to click through without reading.
If you really want to prevent users from running as root you have to refuse to create the prefix and abort, and then make them jump through hoops to create it manually, by running wineboot explicitly or something like that.
See this thread for my most recent patch, which started this discussion: http://www.winehq.org/pipermail/wine-devel/2009-February/072843.html
Filing a bug since I'm not sure when I'll be able to work on this.
http://bugs.winehq.org/show_bug.cgi?id=17337
--- Comment #1 from Andrew Nguyen arethusa26@gmail.com 2010-06-19 10:58:37 --- For a long time now Wine has refused to create a new Wine prefix if the prefix path isn't owned by the running user. I assume we can call this a satisfactory solution?
http://bugs.winehq.org/show_bug.cgi?id=17337
--- Comment #2 from Austin English austinenglish@gmail.com 2010-06-20 20:19:16 --- No. Some users (though, less) are still running wine as root. AJ's suggestion is a good one, I just haven't figured out how to do it yet :-).
http://bugs.winehq.org/show_bug.cgi?id=17337
Martin Gregorie martin@gregorie.org changed:
What |Removed |Added ---------------------------------------------------------------------------- CC| |martin@gregorie.org
--- Comment #3 from Martin Gregorie martin@gregorie.org 2012-06-18 20:19:00 CDT --- I agree with Austin and suggest that, immediately after validating the command line arguments[1], Wine should check the user name before doing anything else except returning replies for --help and --version options. Something like
if(strcmp(getenv("USER"), "root") == 0)
should do the trick nicely. If this check fails, display a warning message about running wine as root (written to stderr and/or displayed as a pop-up if Wine isn't being run from a command line) and exit with the EACCES termination code.
This should nicely trap inadvertent attempts to run as root. If the user really wants to run under root, let him add a command line option to override the username check. I suggest something like an --allow_root option.
[1] Wine does not check for and reject invalid options soon enough. Although "wine --version" doesn't create a .wine prefix if it doesn't exist, "wine -version" DOES create one before saying that it can't find -version.exe. This is annoying: I stick to the one program per prefix rule and would prefer that it doesn't set up default prefixes just because I have finger trouble on occasion. Given that even Windows programs don't have names starting with '-', it would be a good idea to assume that all arguments before the first that is recognizable as a program name, i.e. starts with 0-9a-z and ends with .exe, are Wine options and validate them before starting to create a prefix.
https://bugs.winehq.org/show_bug.cgi?id=17337
--- Comment #4 from Ken Sharp imwellcushtymelike@gmail.com --- Still an issue in Wine 1.7.45.
https://bugs.winehq.org/show_bug.cgi?id=17337
Ken Sharp imwellcushtymelike@gmail.com changed:
What |Removed |Added ---------------------------------------------------------------------------- See Also| |https://bugs.winehq.org/sho | |w_bug.cgi?id=30647
https://bugs.winehq.org/show_bug.cgi?id=17337
Ken Sharp imwellcushtymelike@gmail.com changed:
What |Removed |Added ---------------------------------------------------------------------------- See Also| |https://bugs.winehq.org/sho | |w_bug.cgi?id=11112